Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cn4j-alliance] Thoughts on the CN4J purpose



On Tue, Jan 12, 2021 at 3:03 PM arjan tijms <arjan.tijms@xxxxxxxxx> wrote:
Hi,

On Tue, Jan 12, 2021 at 2:02 PM Edwin Derks <ederks85@xxxxxxxxx> wrote:
This is a very good example of where it doesn't really matter from which platform the defined specification is maintained because a developer chooses a mix of ingredients for his app that happen to come from platform one, or platform two.

Correct, up till so far the APIs from both platform one and two agree to totally support each other. Meaning that e.g. Config is usable for all specs, and, say, the "Security Backbone" is used throughout all security specs. If I pic JWT as my authentication mechanism, and if I then define an additional identity store, it should be used. It should also be clear that if an app happens to define an authentication mechanism in web.xml and define JWT as the authentication mechanism what happens.
As a user, I definitely expect that. Unfortunately, I found a popular application server where MP JWT cannot be used in combination with the Jakarta Security. Either one or the other has to be used. They told me it was "expected behavior".

The saddest part is that their interpretation is valid, as the interaction between the two specs is not defined anywhere.
 

Kind regards,
Arjan Tijms


 
_______________________________________________
cn4j-alliance mailing list
cn4j-alliance@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/cn4j-alliance

Back to the top