[security-dev] PicketLink Version and "Core" Module name

Shane Bryzak sbryzak at redhat.com
Thu Oct 18 16:09:15 EDT 2012


On 19/10/12 01:34, Anil Saldhana wrote:
> a) I am presuming we have agreement that the PicketLink version for the
> consolidated workspace should be v3.x

+1, I've gone ahead and updated the version number.   On a site note, 
some of the LDAPIdentityStore tests have started failing and I'm not 
sure why.  Anil, if you have time could you please take a look at this?  
Otherwise I can delve deeper into it later today.

> b) Regarding the module name "core" that most of us want renamed to "cdi".
> I do not see issues with it called "core" as long as PL 2.x federation
> users on non-ee environments upgrading to PL3 do not have a requirement
> to have CDI/Weld jars. Ideally we cannot force users to require Weld
> jars to run SAML on tomcat, for example.

I'm -1 on renaming core to cdi.  To me this seems like a ridiculous 
idea, akin to Spring Security calling their core module "spring", or 
Hibernate calling their core module "db".  If we're going to be pushing 
PicketLink as being a complete security integration framework for EE6 
then it would be redundant and non-intuitive to name the core module 
cdi.  As for PicketLink Federation, if there is an SE requirement for it 
then we can just implement it as a submodule like we've done for IDM, 
and make a note in the documentation that it is possible to use it 
standalone in an SE environment.



> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev




More information about the security-dev mailing list