[aerogear-dev] Aerogear Security (Picketlink)? enhancements
Karel Piwko
kpiwko at redhat.com
Tue Nov 5 07:08:10 EST 2013
Hey,
I've integrated Aerogear Security with PicketLink installed as JBoss submodule.
I find following challenges complicating the setup/reducing feature set and I
think they should be addressed:
1/ Aerogear Security Submodule - if you install PL as module and add it as
dependency into jboss-deployment-structure.xml, you need to manually exclude
plenty of PL deps from pom.xml. I think that easiest way how make setup more
convenient would be to create Aerogear Security PL submodule on top
of PL submodule and then easily mark aerogear-security-pickelink as 'provided'
in pom.xml
2/ AuthenticationManager/CredentialsMatcher is limited to (T user,
String password). However, PL allows more ways of authentication [1] and here we
are simply reducing feature set. I think there should be login(T user, C
credentials) operation as well. There could also be just login(T user) and impl
will be responsible to inject/produce/select correct CredentialsHandler.
Let me know your opinions and I can create JIRAs based on outcome.
Thanks,
Karel
[1] http://docs.jboss.org/picketlink/2/latest/reference/html_single/#d5e776
More information about the aerogear-dev
mailing list