[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [equinox-dev] JAAS integration (security)


Scott,

Here's the IpZilla link: http://dev.eclipse.org/ipzilla/show_bug.cgi?id=1549

I believe the code will end up in a security specific incubator where we will be hardening it and working on community requirements and feedback. The code should work on CDC/Foundation, the core security and JAAS APIs are a part of that runtime. These plug-ins are an optional add-on at this point, but that may change eventually as we try out tighter integration.

Hope that helps,

-matt

equinox-dev-bounces@xxxxxxxxxxx wrote on 06/19/2007 07:09:59 PM:

> Hi Matt,
>
> Thanks for the info.  I've added some requirements to the given page.
>
> Could you reference the IPZilla entries so that I (as committer) can
> track?  Once approved will the code be added in one of the Equinox
> incubation areas?
>
> Also for my information...will this run on CDC 1.0/Foundation 1.0
> runtime?  Will it add to equinox-required set of bundles?  (e.g.
> extension registry, jobs, etc?)
>
> Thanks,
>
> Scott
>
>
> Matt Flaherty wrote:

>
> Yep, there's code in the pipeline - it's in the IpZilla process at
> this point. Essentially, the contribution is geared towards plugging
> JAAS SPIs into the system (ie: LoginModules, CallbackHandlers and
> Configuration) and providing access to a platform-wide Configuration
> and a LoginContext implementation that is extended in Eclipse-
> related ways: events, dialog-based prompting, etc. Principals are
> supported via LoginModules, the big remaining work will be
> integrating the LoginContext into startup, things like the Jobs
> framework, and authorization decisions for extensions, etc.
>
> For now, toss requirements into the wiki:
http://wiki.eclipse.org/
> index.php/Security:_Requirements. It might be time to start
> categorizing the security requirements into categories for login/
> user authentication, credential management, code authentication/
> authorization, etc. I'll do that this week.
>
> -matt
>
> equinox-dev-bounces@xxxxxxxxxxx wrote on 06/18/2007 03:17:28 PM:
>
> > I've heard a rumor :) that post-Europa there will be some JAAS
> > integration bundles being contributed to Equinox for security
> > enhancements (i.e. supporting platform-level authentication...hope,
> > hope, etc).
> >
> > Is there any way to find out/begin review/start contributing
> > ideas/requirements/enhancements for this work for those of us not
> > Equinox committers (i.e. other community members)?
> >
> > Just by way of example, for some time, ECF uses/extends the Principal
> > interface for it's concept of 'IDs' (user ID, process ID, service ID,
> > etc).  Iff the JAAS integration work provides services and/or extension
> > points to allow other plugins (ours and those built upon ours) to
> > contribute Principals and Credentials to authenticated Subjects upon
> > successful authentication, we would be most happy :).
> >
> > Thanksinadvance,
> >
> > Scott
> >
> >
> >
> >
> > _______________________________________________
> > equinox-dev mailing list
> > equinox-dev@xxxxxxxxxxx
> >
https://dev.eclipse.org/mailman/listinfo/equinox-dev
>
>
> _______________________________________________
> equinox-dev mailing list
> equinox-dev@xxxxxxxxxxx
>
https://dev.eclipse.org/mailman/listinfo/equinox-dev
>  

> _______________________________________________
> equinox-dev mailing list
> equinox-dev@xxxxxxxxxxx
>
https://dev.eclipse.org/mailman/listinfo/equinox-dev