On 06/04/2014 09:46 AM, Darran Lofthouse wrote:
On 04/06/14 15:03, Anil Saldhana wrote:
> On 06/04/2014 03:01 AM, Darran Lofthouse wrote:
>> On 03/06/14 21:19, Stan Silvert wrote:
>>> Also, Keycloak is much more than just SSO infrastructure. Other
>>> features like user management, password management, auditing, skinning,
>>> and the nice UI make it an excellent choice for applications that don't
>>> require SSO. Who wants to keep coding all that stuff by hand?
>> Auditing I am deliberately ignoring other than to say that is going to
>> be a big topic in itself ;-) We already have two auditing solutions in
>> WildFly one purely for management, the other for apps - the app auditing
>> is tied very closely to the JAAS integration so we know something will
>> happen in that area. From the perspective of wildfly-elytron we haven't
>> reviewed auditing yet as it should not be driving the security solution.
> The App auditing is not tied to JAAS. It is done in the EJB and Web security
> integration. I am tired of people just equating what we have to JAAS. JAAS
> is an implementation detail.
Sorry you are quite right, what I mean to say was the current app audit
logging is in the container to PicketBox integration points which is an
area that will be re-visited in the wildfly-elytron efforts.
No apologies
necessary. :-) I think PicketBox has to be respected for all
it does and not completely tie it to JAAS, since that is just an
implementation detail.
I am hoping all the shortcomings we have in PBox to be rectified in
WildFly Elytron.