[security-dev] PicketLink restructure

Pete Muir pmuir at redhat.com
Tue Oct 2 10:51:26 EDT 2012


What about picketlink-javaee as the main module name?

On 2 Oct 2012, at 07:48, Shane Bryzak wrote:

> Ok, let me lay it all out in a way that hopefully makes some more sense ;)
> 
> In reviewing all of our various security offerings, it became quickly apparent to me that a new developer looking at our stuff would most likely become quickly confused - in fact there was even quite a bit of confusion during our recent Elluminate call as to which security modules did what.  After Anil and I had a discussion about this we agreed that the first steps in reducing this confusion would be to re-purpose PicketLink as the "go to" project for security for Java EE developers.  This greatly simplifies our message and gives us a single place to which we direct people who are looking for a security solution for their projects.  PicketLink will be where we can point previous users of Seam Security to, and will compete head to head with other well-known "complete" security frameworks.
> 
> In terms of Java SE, the only requirements I am aware of are those of the AS team wishing to use the IDM libraries - to this end we've maintained IDM as a submodule of PicketLink, without any CDI dependency.  For a typical EE developer who just wants to get started, we simply tell them to add picketlink-core to their Maven dependencies which gives them everything.  Just to be clear about what's in picketlink-core, it's simply the user session state management (i.e. the Identity bean), authentication API (which is based on CDI), CDI-enabled configuration for IDM, and the ACL Permissions API (built on DeltaSpike's security binding types). All of this is quite CDI-specific (except for the permissions stuff which could theoretically be rewritten as JavaSE however I have no interest in doing so).
> 
> I can understand how at first glance it might seem weird that some modules are targeted at SE while core is EE, however it's my opinion that we shouldn't be pushing PicketLink as a set of "modules" anyway.  The separation of the IDM module is only for the AS team's benefit, otherwise this feature would be part of core itself.  In fact, I think we should downplay that it even consists of multiple modules.
> 
> Remember, this is just the first step towards unifying our security message. We've still got a lot of work to do, including further discussions about what we do with PicketBox, which I hope we address in the coming weeks.  Hopefully this has been helpful in shedding some light on the motivations for this restructure.
> 
> Shane
> 
> 
> 
> On 03/10/12 00:08, Pete Muir wrote:
>> Or maybe I'm just confused about the naming, it seems odd to me for "core" to target Java EE, whilst modules target Java SE...
>> 
>> On 2 Oct 2012, at 05:35, Pedro Igor Silva wrote:
>> 
>>> If I understood correctly, Pete asked for something like we have with PicketBox. A core project for Java SE and a cdi-based one with the cdi glue code.
>>> 
>>> That way we can work with core functionality and expose those for some specific environment: CDI, JAX-RS, EJB, WS, AS, etc. This can also help others using picketlink in their projects.
>>> 
>>> Regards.
>>> Pedro Igor
>>> 
>>> ----- Original Message -----
>>> From: "Shane Bryzak" <sbryzak at redhat.com>
>>> To: "Pete Muir" <pmuir at redhat.com>
>>> Cc: security-dev at lists.jboss.org
>>> Sent: Monday, October 1, 2012 11:03:22 PM
>>> Subject: Re: [security-dev] PicketLink restructure
>>> 
>>> On 02/10/12 10:00, Pete Muir wrote:
>>>> It seems odd to me that CDI is called core? I thought the idea was that picketlink core would be pure Java SE, and CDI support gets added on top.
>>> Some of the modules are Java SE (IDM, Social) and core is the CDI-based
>>> "glue" that integrates it all into an easily consumable package for EE devs.
>>>> But +1 to the merge. The more we can put under one project, with one brand the better.
>>>> 
>>>> I talked to Anil about merging PicketBox into PicketLink as well, as "just another module" and I think this will make things a lot simpler for users to understand.
>>>> 
>>>> On 1 Oct 2012, at 15:30, Shane Bryzak wrote:
>>>> 
>>>>> In the interests of presenting a clear message to our developers, one of the steps we'll be taking is to consolidate the various PicketLink projects into a single project and present this as the "go to" solution for application security.  For now I've merged the CDI and IDM subprojects (these are now submodules of the PicketLink project, with "CDI" renamed to "Core") and the plan is to eventually merge the social and federation modules also.
>>>>> 
>>>>> You can find the new GitHub repository here: https://github.com/picketlink (renamed from picketlink-cdi) and the picketlink-idm repository has now been deleted.  For anyone working on these modules, please use the new repository from now on.
>>>>> 
>>>>> Thanks!
>>>>> Shane
>>>>> _______________________________________________
>>>>> security-dev mailing list
>>>>> security-dev at lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/security-dev
>>> 
> 
> 



