Discuss security module
-----------------------
Key: DELTASPIKE-62
URL: https://issues.apache.org/jira/browse/DELTASPIKE-62
Project: DeltaSpike
Issue Type: New Feature
Reporter: Dan Allen
Assignee: Gerhard Petracek
Application security can be extremely confusing and frustrating, especially for
Java EE developers. Yet, it's an absolute requirement for nearly every
application. An integration with a strong security framework is desperately
needed. DeltaSpike could offer a module that makes security very approachable
and integrate well with CDI and other Java EE technologies.
Apache Shiro [1] appears to be an ideal candidate. The goals for the project
seem to align perfectly with this need, as Les explains in this article [2].
Apache Shiro has many things going for it that make it a good match for
DeltaSpike:
* a top level Apache project
* actively developed
* mature (nearly a decade)
* pluggable & extensible (the key for CDI integration)
* works in web, ejb *and* java se environments
* supports all aspects of security (authentication, authorization, permissions,
certificates, ciphers)
* easy to use
* subjective bonus: has a cool name and logo
It seems like Shiro could really use some CDI integration to make it even
simpler. (Several integrations have already been explored [3]). We can start
with some producers and then build on the declarative functionality that has
previously been explored in Seam.
[1] http://shiro.apache.org/index.html
[2] http://www.infoq.com/articles/apache-shiro
[3] http://shiro.apache.org/integration.html
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
