[jakarta.ee-community] Java EE Security API Specification (JSR 375)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[jakarta.ee-community] Java EE Security API Specification (JSR 375)

From: Gergely Molnár <gergelymolnarpro@xxxxxxxxx>
Date: Sun, 26 May 2019 10:48:26 +0200
Delivered-to: jakarta.ee-community@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/jakarta.ee-community>
List-help: <mailto:jakarta.ee-community-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/jakarta.ee-community>, <mailto:jakarta.ee-community-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/jakarta.ee-community>, <mailto:jakarta.ee-community-request@eclipse.org?subject=unsubscribe>

Hi All,

Please correct me if I am wrong, The Security Api 1.0 is great thinks, but the handling of the user's groups still server specific (Example: on WildFly, the groups just equal with the role name). I think it would be nice if the group is group from LDAP or programmatically created from anywhere (database, file, new protocol...).

The medium or the big companies have custom certificate system and I think the intermediate certificate as group at client authentication or programmatically trusted certificate makes sense.

Best regards / Üdvözlettel,

Gergely Molnár

Prev by Date: Re: [jakarta.ee-community] Specification acronyms
Next by Date: Re: [jakarta.ee-community] Specification acronyms
Previous by thread: [jakarta.ee-community] Specification acronyms
Next by thread: [jakarta.ee-community] Java EE to Jakarta EE vs Jakarta
Index(es):
- Date
- Thread

Breadcrumbs