[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [equinox-dev] [sec] target EEs for JAAS integration work?

Enhancement works, and I'm all for contribution.

I'm on vacation next week, but I'm hoping to have a weekly Asterisk call set up for the following week. I'll post the info on the site, wiki and here as well once I iron it out. We can drill on the details there, and I'd say throw a design on the wiki if you've got something particular in mind.


Matt Flaherty
Security Project Lead, Lotus Notes & Eclipse Equinox

From: Scott Lewis <slewis@xxxxxxxxxxxxx>
To: Equinox development mailing list <equinox-dev@xxxxxxxxxxx>
Date: 08/16/2007 02:08 PM
Subject: Re: [equinox-dev] [sec] target EEs for JAAS integration work?

Hi Matt,

Thanks for comments.  A couple of follow ups.

Matt Flaherty wrote:

Hmmm... Looks like CDC/Foundation does not include the javax.security.auth.* packages. I'm not sure if a JAAS implementation could be dropped on top of it, but I wouldn't be surprised if it could. JAAS is pretty thin.

With respect to a LoginModule for 3.4, I expect we will develop several (or explain how to use those in a typical JRE). The default configuration will probably work with a standard format JKS/JCEKS stored in an appropriate place for the platform (workspace, etc).

It would be good to make these login modules extensible (via extension point perhaps) so that other bundles (e.g. ECF) can hook into login process of an existing app that uses these login modules (e.g. Eclipse) and (e.g.) add principals and/or credentials to Subject during login or commit and prior to setReadOnly().  If you like, I can/could create an enhancement request for this...let me know.  I also could help with some of the programming for such a thing if desired.

equinox-dev mailing list