[wildfly-dev] Remove PL from WFLY

arjan tijms arjan.tijms at gmail.com
Sat Aug 20 06:08:33 EDT 2016 

Hi,

Practically speaking, would the replacement allow JASPIC to be
automatically activated (based on whether the developer registered a SAM
from within the application)?

If I'm not mistaken, this was one of the things made difficult by
PicketLink and the current way JBoss/WildFly sets up security.

One question; what's the relation between Elytron and Keycloak as
replacements or new security systems here?

Kind regards,
Arjan Tijms


On Sat, Aug 20, 2016 at 4:37 AM, Anil Saldanha <anilsaldhana at gmail.com>
wrote:

> IMO after seven years in existence - all software needs to be rewritten or
> adapted or retired.
>
> Time to retire PicketBox and PicketLink from WildFly. Better alternatives
> exist hopefully.
>
> On Aug 19, 2016, at 9:11 AM, Tomaž Cerar <tomaz.cerar at gmail.com> wrote:
>
> There have also be complains from community why we downgraded the
> PicketLink in WF10
> and now there is a migration problem from WF9 --> 10. [1]
>
> If we remove it, we would just keep the mgmt stub so we can still manage
> mixed-domain with older versions.
> Similarly as we did with osgi & friends back in the day.
> It was already deprecated in 10, so we could remove it in 11 or later.
>
> --
> tomaz
>
> [1] https://issues.jboss.org/browse/WFLY-5196
>
>
> On Fri, Aug 19, 2016 at 4:03 PM, Pedro Igor Silva <psilva at redhat.com>
> wrote:
>
>> Hi,
>>
>>     On the last few days I've been discussing with Tomaz about the
>> possibility to remove PL from WFLY.
>>
>>     The reasons for that are:
>>
>>         - PicketLink was deprecated in favor of Keycloak. See [1] and [2].
>>         - Fixes are only being done to product version by GSS/SEG teams.
>>         - Most PL IdM and Federation capabilities such as SAML (plus a
>> plenty of other things) are now available from Keycloak.
>>
>>     I think we can still provide an installer (we already have that) that
>> could be used to enable PL to a WFLY installation. That would help people
>> using PL to continue with their designs. But for PL Federation and
>> Subsystem, Keycloak should be the best way to go.
>>
>>     Any comments ?
>>
>> Regards.
>> Pedro Igor
>>
>> [1] http://picketlink.org/news/2015/03/10/PicketLink-and-Keycloa
>> k-project-merge/
>> [2] http://picketlink.org/keycloak-merge-faq/
>> _______________________________________________
>> wildfly-dev mailing list
>> wildfly-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/wildfly-dev
>>
>
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/wildfly-dev
>
>
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/wildfly-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/wildfly-dev/attachments/20160820/ebfffcae/attachment.html

More information about the wildfly-dev mailing list