Hi Bolek, welcome on board! I think a bit too much 'noise' is much better than too less information on the list. One of the core principals of the ASF is 'community for code'. The best source is almost useless if there is no community around. Thus one of the most important stuff at the ASF is _communication_!
There is another saying at the ASF: "If it didn't happen on the list, it didn't happen at all." Which means all decisions must be done on the mailing list. This is an _open_ source project. Making decisions in some private back-chat is not 'open'. Even IRC is bad if too much work is done there and not on the list, because IRC is not really timezone and $$dayjob friendly. Btw, a completely general note about communication between technicians (has nothing to do with Bolek now): Don't take anything personal. If we talk here, then it's purely technical. And if someone tells me I have messed up some parts, well than this is NOT against me personally, but against the part I did. Maybe I missed something, maybe I didn't have my best day, ... I might have done other parts perfectly fine. What would be WAY worse than telling me I broke something to not speak out and let the broken logic/source in the project! Thus: review, review, review! LieGrue, strub ----- Original Message ----- > From: Boleslaw Dawidowicz <[email protected]> > To: [email protected]; Mark Struberg <[email protected]> > Cc: > Sent: Friday, June 29, 2012 11:33 AM > Subject: Re: Sandbox for DeltaSpike > > Hello, > > so late introduction from myself :) > > I live in Poland - Warsaw area - and work remotely from there. On the > professional side since quite a few years focused on JEE portals. Currently > I'm the GateIn Portal Project Lead [0] and Platform Architect of > corresponding RedHat product offering [1]. Previously I was also working on > PicketLink IDM component [3] which we use internally in portal but is more in > maintenance mode currently. > > I'm interested mainly in the security and identity part as we are seriously > looking forward to build on top of DeltaSpike in the future in those domains. > There is also my colleague from portal team here - Marek Posolda who already > participated in some discussions on this list and cooperated with me and > Shane > to build the security use cases [3]. He is also interested in contributing in > this area and should be able to invest his time to help with implementation. > But > maybe I'll let him speak for himself :) > > To be honest i'm quite new to how things work in Apache projects and eager > to learn how the cooperation should flow between us. I was actually about to > start looking at providing simple JPA implementation of IDM IdentityStore [4] > so > it is a valid question for me where such work should happen. As at the moment > it > is still only part of prototyping work that Shane is doing and not officially > pushed to DS repo. > > If I'm not mistaken there are at least 4 different threads related to > security that were started on this list while ago but died without > resolution. I > understand and agree that things should be discussed piece by piece to avoid > unnecessary noise and keep things in order. However maybe for such huge > domain > it is better to first have basic agreement in direction (which I believe > already > happen) and then cook some initial consistent proposal to discuss at once - > which is what Shane is doing now. Security part is so broad and also probably > not so fancy to everyone around that it is both hard to decouple separate non > related parts to discuss in vacuum and have such fragmented discussion > flowing > without bigger parts of prototype code to get feedback about. Still like I > mentioned before I'm quite used to very different way of cooperation in open > source projects so I'm eager to hear from most experienced guys here how > things should proceed. > > Bolek > > [0] https://www.jboss.org/gatein > [1] http://www.redhat.com/products/jbossenterprisemiddleware/portal/ > [2] http://www.jboss.org/picketlink/IDM.html > [3] > https://cwiki.apache.org/confluence/display/DeltaSpike/Security+Module+Drafts > [4] > https://github.com/sbryzak/DeltaSpike/blob/security/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/spi/idm/IdentityStore.java > > > On Jun 28, 2012, at 6:35 PM, Mark Struberg wrote: > >> Oh yea, that was my fault. I was on a conference earlier that week and > overlooked his mail. Found it now. >> >> >> Shane, what is the direction you working on? What are the basic ideas and > what shortcomings did you identify while doing the review? >> I'm not sure if it wouldn't be better we would make that work > directly in the deltaspike main repo. There are lots of other people looking > at > the repo and we got many questions regarding security already. And not being > able to point people to a canonical repo which contains the latest stuff... >> >> Btw, welcome Bolek! We've talked on IRC already a few times. Would be > great if you could introduce yourself with a few words and also if we move > the > technical discussions from IRC more to email. This is much easier to follow > for > people in different timezones. And it will also raise visibility and make > people > aware that there is a new face working on DeltaSpike :) >> >> >> >> There is a general ASF rule "If it isn't on the list, it > didn't happen". >> >> Using IRC or even skype calls is fine for _additional_ ad hoc > communication, but it must not lead to 'silently' doing things without > having conversation on the list. IRC is just not a mail archive which can get > scanned easily. >> >> >> txs and LieGrue, >> strub >> >> >> >> ----- Original Message ----- >>> From: Jason Porter <[email protected]> >>> To: [email protected]; Mark Struberg > <[email protected]> >>> Cc: >>> Sent: Thursday, June 28, 2012 6:20 PM >>> Subject: Re: Sandbox for DeltaSpike >>> >>> On Thu, Jun 28, 2012 at 6:06 AM, Mark Struberg > <[email protected]> wrote: >>> >>>> But if we don't talk about that stuff at all, then there will > be no >>>> visibility and no progress neither. >>>> >>>> There is really no problem with spreading out parallel topics, IF > there >>>> are people interested in contributing. >>>> >>>> >>>> What I do _not_ like to have is starting with 15 different topics > and not >>>> finishing anything! >>>> >>>> Btw, what is the state of deltaspike-security? >>>> >>>> I have no clue about it nor did I do any review. I've also not > seen any >>>> commit lately. >>>> >>>> Who is working on that? Or is noone working on it at all? >>> >>> >>> https://github.com/sbryzak/DeltaSpike/tree/security >>> >>> I believe Shane has been working on it apparently, but there hasn't > been >>> much discussion. >>> >>> >>>> LieGrue, >>>> strub >>>> >>>> >
