|Re: [jakarta.ee-community] [jakartaee-ambassadors] Re: Jakarta EE Backlog -> Guide to Jakarta EE 10|
@Context: Implementors MUST provide CDI; applications MAY use CDI....
@Context: Applications MUST use CDI
_______________________________________________Hi,On Fri, Jun 19, 2020 at 5:53 PM Werner Keil <werner.keil@xxxxxxxxx> wrote:Isn't there a @RolesAllowed in Jakarta Security and the idea would be to deprecate it in Jakarta REST in favor of that?If Security needed a little more modularity or a "light" module where Authentication or Authorization may not always be required, I guess that is also something to explore.Both Authentication and Authorization are very small SPIs, and they are exactly meant for vendors to implement a few things of so that Jakarta Security works on whatever environment. Something like say MP JWT takes about the same to implement from scratch as Jakarta Authentication or Authorization (I know, since I implemented all three ;)).Kind regards,Arjan Tijms
jakarta.ee-community mailing list
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jakarta.ee-community
Back to the top