On Mon, Mar 8, 2010 at 12:50 AM, PicketBox JBoss <picketbox@gmail.com> wrote:
  it will be beneficial if we know what is lacking in Seam from security perspective such that the holes may be plugged.

It's not that (obvious) features were missing in the Seam Security API itself, but rather in the cross-application security concerns. For instance, people always asked "how do I use one identity for several applications." So I think you have this covered, it is just a matter of being able to wire it all together now.

As a minor note, there were people who wanted to do more w/ LDAP. Currently, we only support ACLs through the JPA provider.


Dan Allen
Senior Software Engineer, Red Hat | Author of Seam in Action
Registered Linux User #231597