Hi,
See you guys are making good progress with the JASPIC implementation in
Tomcat.
One commit that I noticed is the following:
https://github.com/apache/tomcat/commit/3e1b4931867a12a74e9e9fe7ff86484cc65a21e6
It says: "Remove the programmatic login/logout override, as I don't see how
JASPIC can
2015-10-20 8:18 GMT+02:00 Fjodor Vershinin :
> Hi, I had reviewed patches left from summer. There are patches for
> supporting property configurator, SPNEGO module and some refactorings.
> You can have a look here:
> https://github.com/fjodorver/tomcat/tree/feature/spnego
> The next thing I would
Hi, I had reviewed patches left from summer. There are patches for
supporting property configurator, SPNEGO module and some refactorings.
You can have a look here:
https://github.com/fjodorver/tomcat/tree/feature/spnego
The next thing I would like to polish JASPIC implementation in order to get
it
2015-10-16 17:18 GMT+02:00 Arjan Tijms :
> On Fri, Oct 16, 2015 at 4:27 PM, remm [via Tomcat]
> wrote:
> > 2015-10-16 16:11 GMT+02:00 Arjan Tijms <[hidden email]>:
> > I was not talking about this future specification, since I never had a
> look.
>
> Okay, my bad. I thought it was in reply to the
On Fri, Oct 16, 2015 at 4:27 PM, remm [via Tomcat]
wrote:
> 2015-10-16 16:11 GMT+02:00 Arjan Tijms <[hidden email]>:
> I was not talking about this future specification, since I never had a look.
Okay, my bad. I thought it was in reply to the JSR 375 work.
But what did you mean exactly then? Tom
2015-10-16 16:11 GMT+02:00 Arjan Tijms :
> Hi,
>
> On Fri, Oct 16, 2015 at 3:35 PM, remm [via Tomcat]
> wrote:
> > I still think it is far preferable at the moment to implement 4 or 5
> > proprietary auth "modules"
>
> Well, the higher level functionality does not necessarily mean that
> JSR 375
Hi,
On Fri, Oct 16, 2015 at 3:35 PM, remm [via Tomcat]
wrote:
> I still think it is far preferable at the moment to implement 4 or 5
> proprietary auth "modules"
Well, the higher level functionality does not necessarily mean that
JSR 375 is going to provide standard authentication modules that b
2015-10-16 13:25 GMT+02:00 Arjan Tijms :
> Hi,
>
> Those are indeed the main reasons for JASPIC. JASPIC authentication
> modules should be fully equivalent to any of the build-in
> authentication mechanisms like FORM, BASIC, etc in terms of what they
> can do and how they are treated by the contai
Hi,
On Fri, Oct 16, 2015 at 12:56 PM, Jess Holle [via Tomcat]
wrote:
> My understanding with JASPIC is that one should be able to add
> authentication mechanisms that (1) use the same code across any
> container that supports JASPIC [as Mark notes] and (2) still use
> standard security constraint
2015-10-16 12:51 GMT+02:00 Mark Thomas :
> The main benefit for me is that once Tomcat implements JASPIC, there are
> a handful of 3rd party modules that users will then be able to use just
> by adding the lib to Tomcat. It also provides a standard API for users
> to work against if they want to d
On 10/16/2015 5:51 AM, Mark Thomas wrote:
On 16/10/2015 11:44, Rémy Maucherat wrote:
What's not clear to me at this point is if jaspic should replace the
current "classic" auth methods. For example, the supposed benefit of jaspic
is that it makes container auth not proprietary, but looking at th
On 16/10/2015 11:44, Rémy Maucherat wrote:
> What's not clear to me at this point is if jaspic should replace the
> current "classic" auth methods. For example, the supposed benefit of jaspic
> is that it makes container auth not proprietary, but looking at the code
> that is there it sounds sti
2015-10-15 3:03 GMT+02:00 Fjodor Versinin :
> Hi!
> Actually, I would like to continue to work on this, but not in GSOC scope
> anymore, because that expirience was too stressful for me.
> What about current JASPIC implementation, it is almost ready, so I think
> it would be better to keep already
On 15/10/2015 02:03, Fjodor Versinin wrote:
> Hi! Actually, I would like to continue to work on this, but not in
> GSOC scope anymore, because that expirience was too stressful for
> me. What about current JASPIC implementation, it is almost ready, so
> I think it would be better to keep already wr
Hi!
Actually, I would like to continue to work on this, but not in GSOC scope
anymore, because that expirience was too stressful for me.
What about current JASPIC implementation, it is almost ready, so I think it
would be better to keep already wroten code than rewriting it from a scratch.
What
of JSR 196 (JASPIC) in
Tomcat 7.0.x
Hi there,
Haven't seen updates for some time here. Wonder what the current status is and
what exactly happened in the last months. Last commits in the Tomcat repo are
from 3 months ago.
Kind regards,
Arjan Tijms
On Thu, Jun 11, 2015 at 10:39 AM, markt
On 14/10/2015 13:00, Arjan Tijms wrote:
> Hi there,
>
> Haven't seen updates for some time here. Wonder what the current
> status is and what exactly happened in the last months. Last commits
> in the Tomcat repo are from 3 months ago.
The GSoC student took the money and ran at the mid-term evalu
Hi there,
Haven't seen updates for some time here. Wonder what the current
status is and what exactly happened in the last months. Last commits
in the Tomcat repo are from 3 months ago.
Kind regards,
Arjan Tijms
On Thu, Jun 11, 2015 at 10:39 AM, markt [via Tomcat]
wrote:
> On 10/06/2015 16:43
On 10/06/2015 16:43, Arjan Tijms wrote:
> Hi,
>
> On Wed, Jun 10, 2015 at 3:28 PM, markt [via Tomcat] <
> ml-node+s10n5035887...@n6.nabble.com> wrote:
>
>> I don't really understand what the requirement is here. Can you expand /
>> point me to the part of the spec?
>>
>
> It's simply that from w
Hi, David!
> Is the hope that these existing forms of auth will be ported and plugged
> in through the JASPIC support? That would be quite excellent if so.
>
Yes, this is our main goal, actually. Implementing JASPIC is only part of
my GSOC project.
--
Thanks,
Fjodor
Hi folks! Great to see this thread picking up steam.
On Jun 10, 2015, at 6:12 AM, Mark Thomas wrote:
> On 10/06/2015 13:34, Fjodor Vershinin wrote:
>
>> And what about code backward compatibility for Geronimo,
>> should code ported back, or new Geronimo release can use our
>> implementation?
>
Hi,
On Wed, Jun 10, 2015 at 3:28 PM, markt [via Tomcat] <
ml-node+s10n5035887...@n6.nabble.com> wrote:
> I don't really understand what the requirement is here. Can you expand /
> point me to the part of the spec?
>
It's simply that from within a SAM you can forward/include to a Servlet
using a
Hi,
On Wed, Jun 10, 2015 at 3:09 PM, markt [via Tomcat] <
ml-node+s10n5035886...@n6.nabble.com> wrote:
> A Valve is certainly a likely candidate since the current Authenticator
> implementations are all Valves. It really depends on whether access is
> required to Tomcat's internals. If you need a
On 10/06/2015 14:04, Arjan Tijms wrote:
>> We are implementing JASPIC 1.1, and there will be quite a
>> lot changes anyway.
>
>
> JASPIC 1.1 itself was not a huge change over JASPIC 1.0, but it did put
> some extra requirements in place like the ability to forward and include
> resources using t
On 10/06/2015 13:34, Fjodor Vershinin wrote:
> Hi, guys!
"guys" can be taken as referring to men only. Something like the gender
neutral "all" would be more inclusive.
> This week goal is to replace current valve based authentication with JASPIC
> based mechanism. It is what I am currently workin
Hi,
On Wed, Jun 10, 2015 at 2:31 PM, Fjodor Vershinin [via Tomcat] <
ml-node+s10n5035882...@n6.nabble.com> wrote:
> Hi, guys!
> This week goal is to replace current valve based authentication with
> JASPIC
> based mechanism. It is what I am currently working on.
>
Nice ;)
> From my research G
Hi, guys!
This week goal is to replace current valve based authentication with JASPIC
based mechanism. It is what I am currently working on.
>From my research Geronimo's implementation is also based on tomcat's
valves, and it's pretty straightforward how to integrate SecurityValve into
Tomcat's cod
Hi,
Fjodor, for you (and everyone else interested) I've created a central hub
page for JASPIC on ZEEF.com, see https://jaspic.zeef.com
It contains links to existing implementations, various examples, articles,
and background.
Hope it helps!
Kind regards,
Arjan Tijms
On Mon, May 4, 2015 at 10:
On 04/05/2015 10:49, Fjodor Vershinin wrote:
> Good news, everyone!
> I am happy to announce that our project has been accepted to participate in
> GSoC. Now it's community binding period, so I need to introduce myself to
> other developers.
> Some brief information about me: My name is Fjodor Vers
Hi,
Great news!
Do you have any definite start date for the actual coding already?
A short while ago I did a very small and simple implementation of the
Servlet BASIC auth mechanism using JASPIC, which is one of the 4 mechanisms
required by Servlet.
See:
https://github.com/omnifaces/omnisecurit
Good news, everyone!
I am happy to announce that our project has been accepted to participate in
GSoC. Now it's community binding period, so I need to introduce myself to
other developers.
Some brief information about me: My name is Fjodor Vershinin, I am 2'th
grade computer science student from Es
Hello!
It looks like ASF has been selected for GSOC 2015 and I am interested in
pushing this project forward. So, in meantime I'll start writing proposal
and hope this project will be selected to participate in Gsoc program.
Best regards,
Fjodor.
2015-02-10 22:44 GMT+02:00 Arjan Tijms :
> Hi,
>
>
Hi,
On Tue, Feb 10, 2015 at 8:34 PM, Mark Thomas-2 [via Tomcat]
wrote:
> If you do look at JBoss keep in mind it is GPL licensed and we need to
> be very careful that we don't end up with GPL'd code in Tomcat.
That's absolutely true. The code there shouldn't not be copied in any
way. It's only u
On 10/02/2015 18:42, Arjan Tijms wrote:
> Hi,
>
> On Tuesday, February 10, 2015, Fjodor Vershinin [via Tomcat] <
> ml-node+s10n5029627...@n6.nabble.com> wrote:
>
>> Hello!
>> I am CS student and it looks like that this task is quite interesting. I
>> would take it for GSOC if ASF organization wil
Hi,
On Tuesday, February 10, 2015, Fjodor Vershinin [via Tomcat] <
ml-node+s10n5029627...@n6.nabble.com> wrote:
> Hello!
> I am CS student and it looks like that this task is quite interesting. I
> would take it for GSOC if ASF organization will be selected. Currently I
> have some time to do res
For many years Geronimo has had a modified tomcat version implementing jaspic.
I offered it to tomcat when I wrote it but was declined.
thanks
david jencks
On Feb 10, 2015, at 1:05 PM, Fjodor Vershinin wrote:
> Hello!
> I am CS student and it looks like that this task is quite interesting. I
>
Hello!
I am CS student and it looks like that this task is quite interesting. I
would take it for GSOC if ASF organization will be selected. Currently I
have some time to do research in Tomcat codebase. Could you provide me some
entry points?
Thanks,
Fjodor
--
View this message in context:
http
A couple of months ago my team started looking at integrating JASPIC into
Tomcat. Providing support for JASPIC in Tomcat will reduce the amount of
work required
to provide authentication as well as providing better consistency and
portability across different Tomcat-based projects.
Based on that t
On Aug 15, 2013, at 1:07 AM, Mark Thomas wrote:
>> If you wanted to roll up your sleeves, we'd be more than happy to see it
>> ported or reimplemented in TomEE.
>
> or Tomcat :)
Even better!
-David
-
To unsubscribe, e-mail
Hi,
On Thursday, August 15, 2013, markt [via Tomcat] wrote:
> On 15/08/2013 00:02, David Blevins wrote:
>
> > If you wanted to roll up your sleeves, we'd be more than happy to see it
> ported or reimplemented in TomEE.
>
> or Tomcat :)
Definitely!
I'll also try to contact the guys who said to
On 15/08/2013 00:02, David Blevins wrote:
>
> On Aug 14, 2013, at 2:25 AM, Arjan Tijms wrote:
>
>> markt wrote
>>> No-one said it would be difficult. TomEE has already done it. We'd just
>>> need to lift the code. Difficulty really doesn't come into it. If there
>>> is a demand for it, it will g
On Aug 14, 2013, at 2:25 AM, Arjan Tijms wrote:
> markt wrote
>> No-one said it would be difficult. TomEE has already done it. We'd just
>> need to lift the code. Difficulty really doesn't come into it. If there
>> is a demand for it, it will get implemented. If there isn't, it won't.
>
> Thank
Hi,
markt wrote
> Had you not cut all the context, it would be clear that Ron's question
> was:
>> Does the Tomcat community support the inclusion of the Servlet profile
>> of JSR 196 in the EE web Profile?
> Hence my response. I don't think the Tomcat developers are in a position
> to pass judge
On 13/08/2013 22:58, Arjan Tijms wrote:
> markt wrote
>>> we are contacting standalone and EE web profile Servlet containers
>> [...]
>> The has been very little demand from the Apache Tomcat user community to
>> support the Java EE web profile.
>
> I guess Ron meant Tomcat with the "standalone
markt wrote
>> we are contacting standalone and EE web profile Servlet containers
> [...]
> The has been very little demand from the Apache Tomcat user community to
> support the Java EE web profile.
I guess Ron meant Tomcat with the "standalone Servlet container" and didn't
ask for Tomcat to im
Umm, a few years ago I was quite interested in implementing it for tomcat, but
couldn't raise any support over here. I still think the geronimo-tomcat-jaspic
integration could be adapted to tomcat standalone pretty easily, although I
don't think I'll have time to work on it.
thanks
david jenck
On 06/02/2013 15:45, Ron Monzillo wrote:
> I have posted the question to the TomEE and Caucho/Resin user's lists.
>
> It would also help to know what the level of interest is from Tomcat
> users and developers.
For users@, yours is the first post ever to mention JASPIC. We'll see
what reaction yo
On 2/3/13 5:02 AM, Mark Thomas wrote:
On 30/01/2013 23:57, Ron Monzillo wrote:
Tomcat Experts and Users,
The Servlet Profile of JSR 196 defines the use of the JASPIC SPI in
support of the portable integration
of new and/or custom authentication mechanisms in compatible Servlet
containers.
The
On 01/31/2013 12:57 AM, Ron Monzillo wrote:
Tomcat Experts,
The Servlet Profile of JSR 196 defines the use of the JASPIC SPI in
support of the portable integration
of new and/or custom authentication mechanisms in compatible Servlet
containers.
You probably should ask that to the TomEE user li
On 30/01/2013 23:57, Ron Monzillo wrote:
> Tomcat Experts,
>
> The Servlet Profile of JSR 196 defines the use of the JASPIC SPI in
> support of the portable integration
> of new and/or custom authentication mechanisms in compatible Servlet
> containers.
>
> The Profile is a required component of
50 matches
Mail list logo
