[es-dev] Authorization modules / Authorization rules

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[es-dev] Authorization modules / Authorization rules

From: arjan tijms <arjan.tijms@xxxxxxxxx>
Date: Thu, 23 Sep 2021 16:37:05 +0200
Delivered-to: es-dev@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/es-dev/>
List-help: <mailto:es-dev-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/es-dev>, <mailto:es-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/es-dev>, <mailto:es-dev-request@eclipse.org?subject=unsubscribe>

Hi,

One of the things we left open for Jakarta EE Security 1.0 was the authorization topic, prioritising authentication first (which resulted in the HttpAuthenticationMechanism and IdentityStore).

I did a prototype back then for an authorization module, but we didn't discuss it further after running out of time.

In this article I'm discussing this prototype:

https://arjan-tijms.omnifaces.org/2016/07/simplified-custom-authorization-rules.html

For Jakarta Security 3.0 this topic is on the plan again: https://projects.eclipse.org/projects/ee4j.es/releases/3.0

Thoughts?

Kind regards,

Arjan

Follow-Ups:
- Re: [es-dev] Authorization modules / Authorization rules
  - From: Rudy De Busscher

Prev by Date: [es-dev] Mechanism to define security interceptors using *AuthenticationMechanismDefinition
Next by Date: Re: [es-dev] Authorization modules / Authorization rules
Previous by thread: [es-dev] Mechanism to define security interceptors using *AuthenticationMechanismDefinition
Next by thread: Re: [es-dev] Authorization modules / Authorization rules
Index(es):
- Date
- Thread

Breadcrumbs