I agree that Brian has identified two key
use cases. The general case about making RCP more fully featured for enterprise
applications is certainly right on the mark.
In my mind asking "How important is
RCP?" is somewhat akin to asking "How important does Higgins want to
be to Eclipse?"
RCP is
very important to Higgins. As we’ve discussed with Jeff McAffer several
months ago, our reticence to stand up and say that Higgins will address the
RCP/JAAS issue has been caused mainly by Higgins not being ready to deliver within
the 3.2 timeframe. We didn’t want to say we could do it and then leave Jeff/RCP
high and dry.
Fast
forward to now and things are bit different. Higgins is gaining resources and
things are further along. Nevertheless, I still can’t commit to an
RCP/JAAS date because
Higgins has other “customers” and its design needs to evolve to
handle them all at some base level. We consider Higgins will be at 0.4 by June,
and we’d like to reach 1.0 (including JAAS support) by the end of 2006.
There will be a security framework for
RCP. If it is not Higgins, then it will be another one. If Higgins is there
first, it will very likely be used. If Higgins decides to not do it, there is a
higher probability that Higgins will have limited utility to other projects
within Eclipse community. (Of course, if Equinox is already planning on
building a JAAS mechanism and release it as part of Equinox, that changes the
conversation. But AFAIK, that's not the case.) Higgins decided long ago to do it and we’ve
got some of the right folks to help get it done.
With respect to Tony's comment: "So I believe that the IBM RCP team has
done the above but has not contributed it to RCP project yet. So how important
is RCP ?" That sounds more negative as a
sound bite than I think he meant. I bet he meant how important right now WRT
our other commitments/customers.
I really don't know how to respond to
that. There is a ton of code that is based on Eclipse within IBM which, for
various sound business reasons, IBM has chosen to not open source. That is
clearly IBM's perogative. But I really don't think that it implies much about
the relevancy of RCP to Higgins or vice versa. Agreed.
I want to make it clear that my opinion
does not matter. The Foundation does not tell projects what to do, and whatever
you decide is fine with us. I just thought that I would let you know how I
see the situation.
Mike Milinkovich
Executive Director,
Eclipse Foundation, Inc.
Office: 613-224-9461 x228
Cell: 613-220-3223
mike.milinkovich@xxxxxxxxxxx
blog: http://milinkovich.blogspot.com/
From:
higgins-dev-bounces@xxxxxxxxxxx [mailto:higgins-dev-bounces@xxxxxxxxxxx] On Behalf Of Brian Carroll
Sent: April 20, 2006 5:57 PM
To: Higgins (Trust Framework)
Project developer discussions
Subject: RE: [higgins-dev] JAAS
Scenario
Regarding: "How important is
RCP?", I see two use cases:
1. For industries such as the medical
profession, where professionals in an office tend to log on to an
application, do some work, and log off many times during the day (i.e., the
workstations are shared, not dedicated to an individual), and there need to be
some authentication and traceability of who did what. The Eclipse
Healthcare project has that requirement, and I believe there is a lot of
interest in building such healthcare applications on top of RCP. To
generalize this line of thinking, industries have looked at RCP and
decided it is a solid potential platform to build applications on, except that
it needs "enterprise -class" capabilities, such as security.
Adding JAAS would make RCP much more acceptable to be used for "enterprise"
applications.
2. For developer tools that operate in an
environment where security and auditability is important. An example is
ALF, where Eclipse-based tools should know who is operating the tool. If
JAAS is incorporated into RCP, a consequence is that JAAS will be available to
Eclipse plug-in-based tools.
Brian
Brian Carroll
Serena Fellow
Serena
(ofc) (503) 617-2436
(cell) (503) 318-2017
bcarroll@xxxxxxxxxx
From:
higgins-dev-bounces@xxxxxxxxxxx [mailto:higgins-dev-bounces@xxxxxxxxxxx] On Behalf Of Anthony Nadalin
Sent: Wednesday, April 19, 2006
2:56 PM
To: Higgins (Trust Framework)
Project developer discussions
Subject: RE: [higgins-dev] JAAS
Scenario
OK, so
based upon the response, looks like there may be a RCP tie here and there may
not. So adding RCP adds to the adds to the mix. As there would need to be a
framework to bridge core JAAS and the Eclipse RCP. The benefits being the
ability to provided login configurations and login modules in plugins(bundles),
more easily contribute login modules, add a series of login events to the RCP,
and provide the concept of a "platform" login to the RCP.
So I
believe that the IBM RCP team has done the above but has not contributed it to
RCP project yet. So how important is RCP ?
So I
agree that we should add a JAAS/PAM box parallel level to “Other RCP
Apps” or just as another box for "Java Applications"
My team
owns the JAAS code for the JDK so we could help out here, I just need to
understand the scenario but the scenario I see is the following:
browser->web
application server->jaas login module->create jaas subject (context)->
create jaas principal (digital subject) -> call higgings to populate the
principal objects (HTags)
Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122
"Paul
Trevithick" <paul@xxxxxxxxxxxxxxxxx>
|
"Paul
Trevithick" <paul@xxxxxxxxxxxxxxxxx>
Sent by: higgins-dev-bounces@xxxxxxxxxxx
04/19/2006 04:10 PM
|
Please respond to
"Higgins (Trust Framework) Project developer discussions"
<higgins-dev@xxxxxxxxxxx>
|
|
|
To
|
"'Higgins
(Trust Framework) Project developer discussions'"
<higgins-dev@xxxxxxxxxxx>
|
|
cc
|
|
|
Subject
|
RE: [higgins-dev]
JAAS Scenario
|
|
My understanding of JAAS is shallow. I think we
need to create a LoginContext that sits above Higgins API as a client. Then, we
need to create a root context provider impl that uses the JAAS KeyStore. After
that things get really fuzzy for me. I pinged one of the Lotus Workspace folks
who knows JAAS to ask if he’d help us think this through but I
didn’t hear back. I guess in a sense we would be using a JAAS
LoginContext to wrap Higgins that in turn contained H-Tags. Must learn JAAS
better. I did realize one thing the other day: I think we should add a JAAS
LoginContext box to this picture: http://spwiki.editme.com/ArchitectureM4 at a parallel level to “Other RCP Apps”.
So one of
the scenarios that comes up is the integration of JAAS with Higgins, so JAAS
has the notion of LoginModules, these modules are responsible for creating
Subject and Principal objects and maybe Credential objects based upon the
authentication. So is the driving force being able to use JAAS to wrapper HTags
or something else ?
Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev
**********************************************************************
This email and any files transmitted
with it are confidential and intended solely for the use of the individual or
entity to whom they are addressed. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message.
