[security-dev] security domain solely as a metadata store
bburke at redhat.com
Tue Jul 31 17:23:40 EDT 2012
I want to discuss a bit about what a AS7/Pickelink security domain's
responsibilities should be in the new architecture. Currently the
responsibilities of the security domain are blurred. Sometimes its just
a metadata store (user/password), sometimes it partially implements a
security protocol, sometimes it implements all of a protocol.
I'd like to make the case that the security domain is solely a metadata
store and that it should not handle anything protocol related. Protocol
related processing should be done in a Web filter/valve, EJB
interceptor, or whatever is available at the protocol level.
Picketbox should be a set of utilities for helping to build security
JBoss, a division of Red Hat
More information about the security-dev