[jboss-dev-forums] [PicketBox Development] - JBoss AS7: Enabling JASPI Authentication for Web Applications
arjan tijms
do-not-reply at jboss.com
Mon Jun 4 15:07:39 EDT 2012
arjan tijms [https://community.jboss.org/people/atijms] commented on the document
"JBoss AS7: Enabling JASPI Authentication for Web Applications"
To view all comments on this document, visit: https://community.jboss.org/docs/DOC-17782#comment-10019
--------------------------------------------------
> Anil Saldhana wrote:
>
>
> > Unless we see widespread adoption of JSR 196 usage, we will not make it the default.
>
Ok, thanks for explaining that. Adoption surely seems to be an issue, but does that really matter if JBoss uses this API for "internal" purposes? The current JASPI auth modules that ship with JBoss seem to be using JBoss/Tomcat APIs for their implementation, and thus can't be used with any other AS anyway.
So one thing I'm still wondering about is what the intended use case is for modules like "org.jboss.as.web.security.jaspi.modules.HTTPBasicServerAuthModule".
Those are not the default (and as you just explained, will probably not become default anytime soon), but the user can activate them. Since the same functionality is also provided by the traditional modules, why would a user want to use "org.jboss.as.web.security.jaspi.modules.HTTPBasicServerAuthModule"?
--------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20120604/3feef1f7/attachment.html
More information about the jboss-dev-forums
mailing list