[security-dev] PicketBox v5.0.0.Final is out

Bruno Oliveira bruno at abstractj.org
Wed Feb 13 05:45:26 EST 2013



On Friday, February 8, 2013 at 9:36 PM, Anil Saldhana wrote:

> Hi All,
> our release ninja, Pedro has released PicketBox 5.0.0.Final whose  
> notes is at https://docs.jboss.org/author/display/SECURITY/5.0.0.Final
>  
> We delayed the release mainly to accommodate PicketLink v3.0 IDM that  
> was under development. PicketBox5 uses the most recent version of IDM.
>  
>  

Congratulation guys.  
>  
> ==============
> ** What is PicketBox5? **
> ==============
> PicketBox5 is a project that provides the various tools for Java Security.
> https://docs.jboss.org/author/display/SECURITY/SecurityProjectsArchitecture
>  
> ==================
> ** Are there quickstarts? **
> ==================
> https://docs.jboss.org/author/display/SECURITY/PicketBox+Quickstarts
>  
>  

Looks like the quickstarts are referencing to the Pedro's repository, not PicketBox repository.
>  
> ==================
> ** Where is PicketBox5 useful? **
> ==================
> Java Applications wherever the following are needed:
> * Authentication.
> * Authorization
> * Audit
> * Session Management (non-http based)
> * Entitlements Management  
> (https://docs.jboss.org/author/display/SECURITY/EntitlementsManager)
>  
> It does have general purpose HTTP authentication (basic/form/digest)  
> support that is not EE container security  
> driven.(https://docs.jboss.org/author/display/SECURITY/PicketBox+HTTP)
>  
> =========================
> ** How is this different from PicketLink v3? **
> =========================
>  
>  

Here comes the tricky part to understand, at least for me. If I recall correctly PicketLink v3 is our  
opportunity to build something new from the experience of Seam Security, PicketBox, GateIn, Resteasy….

Are we filling the gaps with PicketBox instead of provide the final solution? For example, picketlink provides something like this for me:

package org.picketlink.internal;

public class DefaultIdentity implements Identity….

On picketlink-extensions I have:

package org.picketlink.extensions.core.pbox;

public class DefaultPicketBoxIdentity extends DefaultIdentity implements PicketBoxIdentity…

It makes me confuse. Are we filling the gaps on PicketLink or creating workarounds inside something new?

> PicketLink v3 is our umbrella project for enabling security for JavaEE  
> applications (EE6+). PicketLinkv3 contains core security, IDM, SAML,  
> OAuth and Social (facebook/twitter/openid) components that are useful  
> for JavaEE applications. There is PicketLink Extensions project that  
> does use PicketBox5 underneath to fill in some of the gaps missing in  
> PicketLink v3, as we are transitioning features into PL3 based on user  
> demand.  
>  
>  

>  
> Feedback welcome.
>  
> Now onto making PicketLink v3 Final release a reality. :)
>  
> Regards,
> Anil
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org (mailto:security-dev at lists.jboss.org)
> https://lists.jboss.org/mailman/listinfo/security-dev
>  
>  


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/security-dev/attachments/20130213/fa76e436/attachment.html 


More information about the security-dev mailing list