[jboss-as7-dev] Management Console JDK Server Example

Heiko Braun hbraun at redhat.com
Fri Jan 21 05:29:16 EST 2011 


I would suggest Darran and Anil actually specify the runtime facilities/services the 
security components need. We need concrete requirements to actually take a decision
on the argument "embedded http vs. servlet engine".

Ike

On Jan 21, 2011, at 11:22 AM, Darran Lofthouse wrote:

> Yes I also have the same concern for the JDK implementation, if we are able to use the JBoss Web installation that Anil and Marcus are integrating with we gain all of the benefits of the work already implemented if not the same integration becomes required for the JDK server.
> 
> On the other hand however if the security subsystem worked with both JBoss Web and the JDK server then maybe it would make some of the testing that has been an issue in the past a lot easier.
> 
> Regards,
> Darran Lofthouse.
> 
> 
> 
> On 01/20/2011 09:02 PM, Andrig Miller wrote:
>> Overall, I'm concerned about the security aspects of this console, and how it will fit in with a customers overall security implementation.  Considering customers like Mastercard, which have network devices for encryption and key management, etc., they will want everything to be able to work through that infrastructure, and not have to manage security differently for our console.
>> 
>> This type of thing could become a very real impediment to adoption of EAP 6 down the road.
>> 
>> Let's make sure we include Anil and his folks in these security discussions, so we don't end up with something that doesn't fit into the long term goals, and potentially becomes a show stopper for customer to adopt the next major EAP release.
>> 
>> Andy
>> 
>> ----- Original Message -----
>>> From: "Heiko Braun"<hbraun at redhat.com>
>>> To: ssilvert at redhat.com
>>> Cc: jboss-as7-dev at lists.jboss.org
>>> Sent: Thursday, January 20, 2011 10:10:43 AM
>>> Subject: Re: [jboss-as7-dev] Management Console JDK Server Example
>>> On Jan 20, 2011, at 6:02 PM, ssilvert at redhat.com wrote:
>>> 
>>>>> It's not reinventing the servlet API, it's using an alternative one
>>>>> that accomplishes then same thing but with minimal overhead.
>>>> 
>>> 
>>> 
>>> Let's get back to more concrete requirements. I already suggested a
>>> discussion about security to begin with.
>>> If any of those identify a dependency on the servlet API, or reveal
>>> that supporting libraries
>>> that depend on the servlet API help us achieving our goals with less
>>> work, then we should consider a servlet runtime.
>>> 
>>> If nothing of that is the case, fine, then proceed with the embedded
>>> server approach.
>>> 
>>> 
>>> Another thing that we might consider it configuration of the HTTP
>>> endpoints.
>>> TLS has been mentioned. How would that work on embedded HTTP? How
>>> would you specify
>>> and use certificates? Would we need to write all that on our own?
>>> 
>>> Might look trivial, but simple bit's easily add up to a pile of work.
>>> 
>>> Ike
>>> 
>>> 
>>> _______________________________________________
>>> jboss-as7-dev mailing list
>>> jboss-as7-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
>> _______________________________________________
>> jboss-as7-dev mailing list
>> jboss-as7-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
>

More information about the jboss-as7-dev mailing list