Hi Guys,
We have to add EntraID (OpenID) support to one of our applications and
as such are going to move away from Tomcat's Container managed security.
After some reading we found that both Shiro and Spring Security appear
to be good solutions and I was hoping to tap in the groups knowledge as
to the pros and cons of each for a struts based app.
Key points we are mindful of are:
* We are currently on Struts 6 but will be moving to 7 in the next 12
months
* We already use the struts spring plugin for dependency injection
* We will need to support JDBC auth in combination with two other AD
sources
Any constructive advice is appreciated as we are not out to start
something here just looking for the best solution with clear requirements.
Z.
