[jira] [Updated] (ISIS-3305) [DISCUSS] Re-platform on top of Spring security.
[ https://issues.apache.org/jira/browse/ISIS-3305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andi Huber updated ISIS-3305: - Description: as per [https://the-asf.slack.com/archives/CFC42LWBV/p1670661588201299] Andi's wish list of changes is: # drop Shiro support -> or perhaps provide a default Spring Security integration if simple enough # -drop Keycloak support- -> keep Keycloak, provide a default Spring Security integration # instead fully integrate with Spring Security -> YES (not instead) # -drop SudoService- -> NO keep # -instead provide impersonation via a specialized login page- # drop Wicket's .../signin, .../logout -> ONHOLD as long as there is only the Wicket Viewer, we don't yet need to think about this too hard # instead provide simple replacements under /security/... central to the application (not using Wicket) -> a common /logout would make sense, however viewer specific /login could be kept as is for now Why? Focus on one security stack and do that integration well was: as per [https://the-asf.slack.com/archives/CFC42LWBV/p1670661588201299] Andi's wish list of changes is: # drop Shiro support -> or perhaps provide a default Spring Security integration if simple enough # -drop Keycloak support- -> keep Keycloak, provide a default Spring Security integration # instead fully integrate with Spring Security -> YES # -drop SudoService- -> NO keep # -instead provide impersonation via a specialized login page- # drop Wicket's .../signin, .../logout -> ONHOLD as long as there is only the Wicket Viewer, we don't yet need to think about this too hard # instead provide simple replacements under /security/... central to the application (not using Wicket) -> a common /logout would make sense, however viewer specific /login could be kept as is for now Why? Focus on one security stack and do that integration well > [DISCUSS] Re-platform on top of Spring security. > > > Key: ISIS-3305 > URL: https://issues.apache.org/jira/browse/ISIS-3305 > Project: Isis > Issue Type: Task >Affects Versions: 2.0.0-M9 >Reporter: Daniel Keir Haywood >Priority: Major > Fix For: 2.1.0 > > > as per [https://the-asf.slack.com/archives/CFC42LWBV/p1670661588201299] > > Andi's wish list of changes is: > # drop Shiro support -> or perhaps provide a default Spring Security > integration if simple enough > # -drop Keycloak support- -> keep Keycloak, provide a default Spring > Security integration > # instead fully integrate with Spring Security -> YES (not instead) > # -drop SudoService- -> NO keep > # -instead provide impersonation via a specialized login page- > # drop Wicket's .../signin, .../logout -> ONHOLD as long as there is only > the Wicket Viewer, we don't yet need to think about this too hard > # instead provide simple replacements under /security/... central to the > application (not using Wicket) -> a common /logout would make sense, however > viewer specific /login could be kept as is for now > Why? Focus on one security stack and do that integration well > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (ISIS-3305) [DISCUSS] Re-platform on top of Spring security.
[ https://issues.apache.org/jira/browse/ISIS-3305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andi Huber updated ISIS-3305: - Description: as per [https://the-asf.slack.com/archives/CFC42LWBV/p1670661588201299] Andi's wish list of changes is: # drop Shiro support -> or perhaps provide a default Spring Security integration if simple enough # -drop Keycloak support- -> keep Keycloak, provide a default Spring Security integration # instead fully integrate with Spring Security -> YES # -drop SudoService- -> NO keep # -instead provide impersonation via a specialized login page- # drop Wicket's .../signin, .../logout -> ONHOLD as long as there is only the Wicket Viewer, we don't yet need to think about this too hard # instead provide simple replacements under /security/... central to the application (not using Wicket) -> a common /logout would make sense, however viewer specific /login could be kept as is for now Why? Focus on one security stack and do that integration well was: as per [https://the-asf.slack.com/archives/CFC42LWBV/p1670661588201299] Andi's wish list of changes is: # drop Shiro support # drop Keycloak support # instead fully integrate with Spring Security # drop SudoService # instead provide impersonation via a specialized login page # drop Wicket's .../login, .../logout # instead provide simple replacements under /security/... central to the application (not using Wicket) Why? Focus on one security stack and do that integration well > [DISCUSS] Re-platform on top of Spring security. > > > Key: ISIS-3305 > URL: https://issues.apache.org/jira/browse/ISIS-3305 > Project: Isis > Issue Type: Task >Affects Versions: 2.0.0-M9 >Reporter: Daniel Keir Haywood >Priority: Major > Fix For: 2.1.0 > > > as per [https://the-asf.slack.com/archives/CFC42LWBV/p1670661588201299] > > Andi's wish list of changes is: > # drop Shiro support -> or perhaps provide a default Spring Security > integration if simple enough > # -drop Keycloak support- -> keep Keycloak, provide a default Spring > Security integration > # instead fully integrate with Spring Security -> YES > # -drop SudoService- -> NO keep > # -instead provide impersonation via a specialized login page- > # drop Wicket's .../signin, .../logout -> ONHOLD as long as there is only > the Wicket Viewer, we don't yet need to think about this too hard > # instead provide simple replacements under /security/... central to the > application (not using Wicket) -> a common /logout would make sense, however > viewer specific /login could be kept as is for now > Why? Focus on one security stack and do that integration well > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (ISIS-3305) [DISCUSS] Re-platform on top of Spring security.
[ https://issues.apache.org/jira/browse/ISIS-3305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andi Huber updated ISIS-3305: - Issue Type: Task (was: Improvement) > [DISCUSS] Re-platform on top of Spring security. > > > Key: ISIS-3305 > URL: https://issues.apache.org/jira/browse/ISIS-3305 > Project: Isis > Issue Type: Task >Affects Versions: 2.0.0-M9 >Reporter: Daniel Keir Haywood >Priority: Major > Fix For: 2.1.0 > > > as per [https://the-asf.slack.com/archives/CFC42LWBV/p1670661588201299] > > Andi's wish list of changes is: > # drop Shiro support > # drop Keycloak support > # instead fully integrate with Spring Security > # drop SudoService > # instead provide impersonation via a specialized login page > # drop Wicket's .../login, .../logout > # instead provide simple replacements under /security/... central to the > application (not using Wicket) > Why? Focus on one security stack and do that integration well > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (ISIS-3305) [DISCUSS] Re-platform on top of Spring security.
[ https://issues.apache.org/jira/browse/ISIS-3305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andi Huber updated ISIS-3305: - Description: as per [https://the-asf.slack.com/archives/CFC42LWBV/p1670661588201299] Andi's wish list of changes is: # drop Shiro support # drop Keycloak support # instead fully integrate with Spring Security # drop SudoService # instead provide impersonation via a specialized login page # drop Wicket's .../login, .../logout # instead provide simple replacements under /security/... central to the application (not using Wicket) Why? Focus on one security stack and do that integration well was: as per [https://the-asf.slack.com/archives/CFC42LWBV/p1670661588201299] Andi's wish list of changes is: # drop Shiro support # drop Keycloak support # instead fully integrate with Spring Security # drop SudoService # instead provide impersonation via a specialized login page # drop Wicket's .../login, .../logout # instead provide simple replacements under /security/... central to the application (not using Wicket) Why? Focus on one security stack and do that integration well > [DISCUSS] Re-platform on top of Spring security. > > > Key: ISIS-3305 > URL: https://issues.apache.org/jira/browse/ISIS-3305 > Project: Isis > Issue Type: Improvement >Affects Versions: 2.0.0-M9 >Reporter: Daniel Keir Haywood >Priority: Major > Fix For: 2.1.0 > > > as per [https://the-asf.slack.com/archives/CFC42LWBV/p1670661588201299] > > Andi's wish list of changes is: > # drop Shiro support > # drop Keycloak support > # instead fully integrate with Spring Security > # drop SudoService > # instead provide impersonation via a specialized login page > # drop Wicket's .../login, .../logout > # instead provide simple replacements under /security/... central to the > application (not using Wicket) > Why? Focus on one security stack and do that integration well > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (ISIS-3305) [DISCUSS] Re-platform on top of Spring security.
[ https://issues.apache.org/jira/browse/ISIS-3305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Daniel Keir Haywood updated ISIS-3305: -- Fix Version/s: 2.1.0 > [DISCUSS] Re-platform on top of Spring security. > > > Key: ISIS-3305 > URL: https://issues.apache.org/jira/browse/ISIS-3305 > Project: Isis > Issue Type: Improvement >Affects Versions: 2.0.0-M9 >Reporter: Daniel Keir Haywood >Priority: Major > Fix For: 2.1.0 > > > as per [https://the-asf.slack.com/archives/CFC42LWBV/p1670661588201299] > > Andi's wish list of changes is: # drop Shiro support > # drop Keycloak support > # instead fully integrate with Spring Security > # drop SudoService > # instead provide impersonation via a specialized login page > # drop Wicket's .../login, .../logout > # instead provide simple replacements under /security/... central to the > application (not using Wicket) > Why? Focus on one security stack and do that integration well > -- This message was sent by Atlassian Jira (v8.20.10#820010)