Hi,
markt wrote > Had you not cut all the context, it would be clear that Ron's question > was: >> Does the Tomcat community support the inclusion of the Servlet profile >> of JSR 196 in the EE web Profile? > Hence my response. I don't think the Tomcat developers are in a position > to pass judgement on what should or should not be in the web profile as > we have little to no visibility into what users want from the web profile. I see, thanks for the clarification, it's clear to me now. markt wrote > The only folks talking about JSR 196 have been either EG members like > Ron or David, or Tomcat committers mentioning that JSR 196 support was > being considered or might be a possible implementation solution for > something. > > Not a single user has asked for JSR 196 support. Well, I'm a user asking for it ;) Personally I know of 2 users who were busy trying to implement a kind of bridge between JASPIC and Tomcat so that they could use their company's in-house developed SAM with Tomcat. I don't know why they didn't approach the Tomcat mailing list or created an issue. I address JASPIC on my blog, and from the traffic I can see there's some demand for JASPIC indeed. People do search for things like "portable login module", "universal realm Java EE", "jaspic", "jaspic api" etc. Granted, it's not a very large amount of traffic (currently sits at ~1% of the JSF traffic, which is a topic I also cover), but it's still there. As opposed to WebSocket; I think WebSocket addresses a need for which there wasn't a real solution yet. It's a new feature that got a lot of attention. JASPIC doesn't really add any new feature, it just standardizes existing things. People are obviously already building authentication modules, but seem to have grudgingly accepted that those things are just container specific. For some reason JASPIC hasn't been given that much attention. From a user's point it was almost silently added to the spec. Even the well known Java EE tutorial from Oracle doesn't mention it. On StackOverflow I mentioned the existence of JASPIC a couple of times in relevant questions, and even very experienced Java programmers (judging by their SO rep) were genuinely surprised that this existed and seemed to be very enthusiastic about the idea of portable authentication modules. A recent example: http://stackoverflow.com/questions/5030924/user-group-implementation-compatible-with-jaas/15873533#comment26696282_15873533 markt wrote > No-one said it would be difficult. TomEE has already done it. We'd just > need to lift the code. Difficulty really doesn't come into it. If there > is a demand for it, it will get implemented. If there isn't, it won't. Thanks, that's clear! Btw, didn't you mean Geronimo there, or really TomEE? Last time I checked TomEE didn't have JASPIC implemented yet, but Geronimo of course has. markt wrote > At the moment the main driver for this, in my view, is to provide an API > for folks that want to do things like this: > https://issues.apache.org/bugzilla/show_bug.cgi?id=54503 Yes, I see. That's a very good example. Thanks a lot for your detailed response. Kind regards, Arjan Tijms -- View this message in context: http://tomcat.10.x6.nabble.com/Consider-support-for-the-Servlet-profile-of-JSR-196-JASPIC-in-Tomcat-7-0-x-tp4993387p5003179.html Sent from the Tomcat - Dev mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
