On 9/22/11 5:46 PM, David M. Lloyd wrote:
I'm going to put on my Bill hat here and say, "JSR 196 is
crap".
Its not just JSR196. SAML is crap. XACML is crap. Its horrible
horrible stuff. The only reason we should implement it is to integrate
with other vendor's products.
Also plugging in your own authentication mechanism in AS7 is crap too,
specially, modules are a mess. Unless you fixed some things in the last
month. But thats another conversation I want to have.
I've been saying this exact thing for over a year now. And the
response
has ever been "we'll have a call, we'll talk about it, we'll gather
requirements, let's write an agenda, get some minutes, talk talk talk talk".
Yup. I can't wait any longer. Too many of our users want our OAuth
work integrated. THere's a whole story around security, web-apps, and
REST I'm trying to putting together as well. The thing is we also need
some *real* management on this stuff as well.
Bill
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com