[PicketBox 5] - Authentication API
by Pedro Igor Silva
Hi All,
I would like to know your opinion about the authentication API that is being used by PicketBox 5. You can check some initial documentation here: https://docs.jboss.org/author/display/SECURITY/PicketBox+Authentication+API.
We are considering some requirements during the construction of this API. They are as follows:
- Easy-to-use and fast to get started;
- Flexible architecture providing ways to use different mechanisms like Username/Password, Digest, Certificates, SASL, etc;
- Unified authentication API. Although you can use different mechanisms, the API usage is the same;
- Allow authentication using multiple stores: properties, databases, LDAP, etc;
- Hide mechanism's complexity from users. Users do not need to be aware of the complexities behind a specific mechanism;
- Environment agnostic. You can use it in a pure Java SE application and in a JEE/CDI environment as well;
- Challenge/Response design;
- Authentication Events. Users should be able to observe specific authentication events like pre/post authentication, failures, etc.
- Auditing.
Regards,
Pedro Igor
12 years, 3 months
Moving DeltaSpike security to PicketLink
by Shane Bryzak
Hey guys,
I'm just looking at the infrastructure we have for doing this, currently
in the PicketLink github repo [1] we have picketlink-idm and cdi
repositories set up. I propose that we rename picketlink-idm to
picketlink-idm-legacy to make way for the new picketlink-idm, and rename
cdi to picketlink-cdi (this module will then contain all the CDI and
DeltaSpike integration for PicketLink IDM, plus some authorization
features such as ACLs and permission management). Are there any
objections to this?
Shane
[1] https://github.com/picketlink
12 years, 3 months