Re: Java EE Security API for EE 8

Yes, these need to be moved to Geronimo, but I think not at this time. I would like to have a more stable implementation before moving this over to Geronimo. There are still a lot of things missing, including in the API and is just easier to get this done in a single project. > On 11 Jan 2019,

Re: Java EE Security API for EE 8

I have added geronimo-specs-security_1.0 to geronimo-specs and let geronimo-dev about the issue. After receiving some response, I can commit the code. On Fri, Jan 11, 2019 at 9:50 PM Gurkan Erdogdu wrote: > Ok then I created subtask, > https://issues.apache.org/jira/browse/TOMEE-2453 under the m

Re: Java EE Security API for EE 8

Ok then I created subtask, https://issues.apache.org/jira/browse/TOMEE-2453 under the main issue, https://issues.apache.org/jira/browse/TOMEE-2365 Can you please assign it to me? On Fri, Jan 11, 2019 at 12:58 PM Jean-Louis Monteiro < jlmonte...@tomitribe.com> wrote: > That’d be great. > I have c

Re: Java EE Security API for EE 8

That’d be great. I have commit permissions so if you need help help or something. Lemme know. Le ven. 11 janv. 2019 à 07:12, Gurkan Erdogdu a écrit : > Hello Roberto > We probably need to move javax.security.enterprise.* package to geronimo > specs project (https://github.com/apache/geronimo-sp

Re: Java EE Security API for EE 8

Hello Roberto We probably need to move javax.security.enterprise.* package to geronimo specs project (https://github.com/apache/geronimo-specs) and then adding dependency to our javaee-api. After that we also need to release geronimo-specs. If you want, I can work on to create a new project in gero

Re: Java EE Security API for EE 8

Hi, I’ve merged the current state of the code. In the meanwhile, I’ll write some documentation to help to understand the implementation. Cheers, Roberto > On 8 Jan 2019, at 15:19, Gurkan Erdogdu wrote: > > Hello Roberto, > Thank you for initiating this integration. > Can you prepare a small

Re: Java EE Security API for EE 8

Hello Roberto, Thank you for initiating this integration. Can you prepare a small documentation (and also send to here) which helps contributors to understand the internals about your current commit. Regards. Gurkan On Tue, Jan 8, 2019 at 6:14 PM Roberto Cortez wrote: > Hi folks, > > I think I’

Re: Java EE Security API for EE 8

Hi folks, I think I’m now done with the FormAuthentication. There are still things left to implement. At the moment, the code is part of the project but is not part of the binary. I would like to merge the current PR: https://github.com/apache/tomee/pull/277

Re: Java EE Security API for EE 8

Thanks! I’ll have a look! > On 28 Dec 2018, at 20:34, David Jencks wrote: > > Perhaps I didn’t recall correctly, or perhaps I implemented it for Jetty (at > eclipse). The code I’ve found at > http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/

Re: Java EE Security API for EE 8

Perhaps I didn’t recall correctly, or perhaps I implemented it for Jetty (at eclipse). The code I’ve found at http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/security/authentication/

Re: Java EE Security API for EE 8

Hi David, Actually, the EE 8 Security spec tells you to use a JASPIC bridge underneath the implementation, so your code might be a good fit. Can you point me out to the sources so I can have a look? Thank you! Cheers, Roberto > On 28 Dec 2018, at 03:40, David Jencks wrote: > > IIRC I wrote

Re: Java EE Security API for EE 8

IIRC I wrote a JASPIC form authentication for the geronimo server long ago. Although the JASPIC deployment model was somewhat incomprehensibly bizarre, the conversation model was very nice. Depending on what the EE 8 api is (I haven’t looked) the JASPIC implementation might be a source for webse

Re: Java EE Security API for EE 8

Update: I’ve started the implementation of the FormAuthenticationMechanism. Is not as easy as it sounds, since it requires some conversation chat across requests. I thought about wrapping all the logic and use the Tomcat FormAuthenticator, since it does exactly what we need. Unfortunately, it i

Re: Java EE Security API for EE 8

Hi folks, I’ve updated the PR with new changes: - I’ve implemented a CDI Extension to create AuthenticationMechanism beans and a CDI class to keep track of the mapping between the authentication mechanism and the servlet that should be checked. When a Servlet is executed the mapping is checked

Re: Java EE Security API for EE 8

TomEE Security works for me. Bruno Baptista https://twitter.com/brunobat_ On 19/12/18 00:20, Roberto Cortez wrote: Hi folks, Work is progressing. I’ve added a good chunk of the API (as needed) to allow me to proceed. I’ve tried to use the Jakarta Security API jar. Unfortunately, it is full

Re: Java EE Security API for EE 8

Hi folks, Work is progressing. I’ve added a good chunk of the API (as needed) to allow me to proceed. I’ve tried to use the Jakarta Security API jar. Unfortunately, it is full of dependencies to the other Jakarta dependent projects, some not in central yet, so I couldn’t even build the project

Re: Java EE Security API for EE 8

Hi folks, I’ve now created a PR to push the work: https://github.com/apache/tomee/pull/277 It is still in the early stages. I’ve just spent a good amount of time trying to understand the spec. The ideia here is that with a ServerAuthModule we could ve

Java EE Security API for EE 8

Hi folks, I’ve created https://jira.apache.org/jira/browse/TOMEE-2365 to implement the Java EE Security API that came up in EE 8. We are missing this spec implementation, and until we have it we cannot even say we are EE 8 compatible. I plan to