[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [equinox-dev] JAAS integration (security)

Yep, there's code in the pipeline - it's in the IpZilla process at this point. Essentially, the contribution is geared towards plugging JAAS SPIs into the system (ie: LoginModules, CallbackHandlers and Configuration) and providing access to a platform-wide Configuration and a LoginContext implementation that is extended in Eclipse-related ways: events, dialog-based prompting, etc. Principals are supported via LoginModules, the big remaining work will be integrating the LoginContext into startup, things like the Jobs framework, and authorization decisions for extensions, etc.

For now, toss requirements into the wiki: http://wiki.eclipse.org/index.php/Security:_Requirements. It might be time to start categorizing the security requirements into categories for login/user authentication, credential management, code authentication/authorization, etc. I'll do that this week.


equinox-dev-bounces@xxxxxxxxxxx wrote on 06/18/2007 03:17:28 PM:

> I've heard a rumor :) that post-Europa there will be some JAAS
> integration bundles being contributed to Equinox for security
> enhancements (i.e. supporting platform-level authentication...hope,
> hope, etc).
> Is there any way to find out/begin review/start contributing
> ideas/requirements/enhancements for this work for those of us not
> Equinox committers (i.e. other community members)?
> Just by way of example, for some time, ECF uses/extends the Principal
> interface for it's concept of 'IDs' (user ID, process ID, service ID,
> etc).  Iff the JAAS integration work provides services and/or extension
> points to allow other plugins (ours and those built upon ours) to
> contribute Principals and Credentials to authenticated Subjects upon
> successful authentication, we would be most happy :).
> Thanksinadvance,
> Scott
> _______________________________________________
> equinox-dev mailing list
> equinox-dev@xxxxxxxxxxx