[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [equinox-dev] [sec] target EEs for JAAS integration work?

Hi Matt,

Thanks for comments.  A couple of follow ups.

Matt Flaherty wrote:

Hmmm... Looks like CDC/Foundation does not include the javax.security.auth.* packages. I'm not sure if a JAAS implementation could be dropped on top of it, but I wouldn't be surprised if it could. JAAS is pretty thin.

With respect to a LoginModule for 3.4, I expect we will develop several (or explain how to use those in a typical JRE). The default configuration will probably work with a standard format JKS/JCEKS stored in an appropriate place for the platform (workspace, etc).

It would be good to make these login modules extensible (via extension point perhaps) so that other bundles (e.g. ECF) can hook into login process of an existing app that uses these login modules (e.g. Eclipse) and (e.g.) add principals and/or credentials to Subject during login or commit and prior to setReadOnly().  If you like, I can/could create an enhancement request for this...let me know.  I also could help with some of the programming for such a thing if desired.

Scott