[ https://issues.apache.org/jira/browse/ISIS-3305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17645605#comment-17645605 ]
Daniel Keir Haywood commented on ISIS-3305: ------------------------------------------- re: (1) for dropping Keycloak support ... I don't think we want to do this, because actually our Keycloak support is really nothing more than docs on how to configure Spring security's Oauth support. > [DISCUSS] Re-platform on top of Spring security. > ------------------------------------------------ > > Key: ISIS-3305 > URL: https://issues.apache.org/jira/browse/ISIS-3305 > Project: Isis > Issue Type: Improvement > Affects Versions: 2.0.0-M9 > Reporter: Daniel Keir Haywood > Priority: Major > Fix For: 2.1.0 > > > as per [https://the-asf.slack.com/archives/CFC42LWBV/p1670661588201299] > > Andi's wish list of changes is: # drop Shiro support > # drop Keycloak support > # instead fully integrate with Spring Security > # drop SudoService > # instead provide impersonation via a specialized login page > # drop Wicket's .../login, .../logout > # instead provide simple replacements under /security/... central to the > application (not using Wicket) > Why? Focus on one security stack and do that integration well > -- This message was sent by Atlassian Jira (v8.20.10#820010)