[security-dev] Picketlink 2.8.0
Arthur Gregório
arthurshakal at gmail.com
Mon Nov 23 11:19:34 EST 2015
I see this post, and i know what KC do..
What I mean is that I do not need all the things that KC does, I want
simple with the something like PL.
I posted in a thread about it on the same topic "continuity of PL" on the
dev list of KC and the same answer was given.
PL is such a cool framework, I refuse to believe that only I use it or only
I noticed this deep sleep that the project came...
Finally, the fact is that PL is like Spring Security, a swatter convenient
and fast flies. KC is already like a cannon, large and meaningless to the
context of solving a simple problem like killing a single mosquito.
But if so, the business is to make a project fork and working on my own
version.
at.,
*Arthur P. Gregório*
*+55 45 9958-0302*
@gregorioarthur
www.arthurgregorio.eti.br
2015-11-23 13:07 GMT-02:00 Bruno Oliveira <bruno at abstractj.org>:
> Please take a look at
> http://picketlink.org/news/2015/03/10/PicketLink-and-Keycloak-project-merge/
>
> I think this post answers your question.
>
> On Mon, Nov 23, 2015 at 1:05 PM Stephen Agneta <sagneta at gmail.com> wrote:
>
>> I'll share what I know with you in the hopes that it will help somehow.
>>
>> Well KC (keycloak) is a super-set of the PL (PicketLink) functionality
>> thus in theory it ought to work fine once it is ready and once some sort of
>> migration path is known. You may not wish to move to KC due to the
>> additional functionality which may be off-putting for lite applications but
>> KC will perform everything PL did and more and will do so in VM memory if
>> you so choose.
>>
>> Essentially KC is a real federated authentication and authorization
>> service with identity management that can run standalone or in-VM within a
>> WildFly cluster. Although a Java implementation it works with other systems
>> and languages out of process. It does integrate with Spring which may
>> interest you.
>>
>> The following link provides information for Wildfly 9 clustered
>> installation:
>>
>> http://keycloak.github.io/docs/userguide/keycloak-server/html/server-installation.html#overlay_install
>>
>> Thus you should be able to have your authorization demands met _in VM_ as
>> opposed to over-the-wire for performance reasons if necessary.
>>
>> IMOP I think the KC project is the right move. They are fixing the big
>> issue which is the lack of an opensource Federated Identity Management
>> System. They also fixed little things such as Composite Roles which are
>> missing from PL.
>>
>> I merely disliked the abrupt change-over. I also can't move to keycloak
>> until I have more of an idea how the migration would work.
>> For example, how different is the default KC relational schema from the
>> default basic PL schema:
>>
>>
>> http://keycloak.github.io/docs/userguide/keycloak-server/html/server-installation.html#d4e136
>>
>> It is also not clear if keycloak has a CDI demand system ready like
>> PicketLink. They only hint at it. Also it runs in-cluster on Wildfly 9
>> and I am on 8. Nothing huge but issues that will need to be addressed.
>>
>> Hope that helps.
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> On Mon, Nov 23, 2015 at 8:54 AM Arthur Gregório <arthurshakal at gmail.com>
>> wrote:
>>
>>> And KC does not have the same purpose as the PL.
>>>
>>> In short, I have no reason to migrate from one to the other, I use PL or
>>> go back to Spring Security.
>>>
>>> But it seems that there has not been any development in PL, at least in
>>> recent months, in short, it seems that the project is dying and all that
>>> were used for its own account.
>>>
>>> And with bugs like this https://developer.jboss.org/thread/266387, it's
>>> not cool to let the project stalled...
>>>
>>>
>>> *Arthur P. Gregório*
>>> *+55 45 9958-0302 <%2B55%2045%209958-0302>*
>>> @gregorioarthur
>>> www.arthurgregorio.eti.br
>>>
>>> 2015-11-23 11:47 GMT-02:00 Stephen Agneta <sagneta at gmail.com>:
>>>
>>>>
>>>> It certainly appears that everything has moved to key-cloak but I am
>>>> unsure that keycloak is ready to take the burden of current Picketlink
>>>> implementations. Nor am I sure how the migration process would occur. The
>>>> abruptness of the change is a bit disconcerting. Having said that
>>>> Picketlink is working fine save for one defect that which I requested that
>>>> is on the git HEAD but not in any particular release.
>>>>
>>>>
>>>>
>>>>
>>>> On Mon, Nov 23, 2015 at 8:43 AM Arthur Gregório <arthurshakal at gmail.com>
>>>> wrote:
>>>>
>>>>> Picketlink is dead?
>>>>>
>>>>> The last commit in the project repo was in 9 july..
>>>>>
>>>>> Is there a schedule for the new version or something like that?
>>>>>
>>>>> at.,
>>>>>
>>>>> *Arthur P. Gregório*
>>>>> *+55 45 9958-0302 <%2B55%2045%209958-0302>*
>>>>> @gregorioarthur
>>>>> www.arthurgregorio.eti.br
>>>>> _______________________________________________
>>>>> security-dev mailing list
>>>>> security-dev at lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/security-dev
>>>>
>>>>
>>> _______________________________________________
>> security-dev mailing list
>> security-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/security-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/security-dev/attachments/20151123/76a2bafb/attachment-0001.html
More information about the security-dev
mailing list