Re: [jetty-users] application authentication

[larry mccay <larry.mccay@xxxxxxxxx>]

Hi Arjan -

That is certainly true and something that I have always regretted about the spec.

I think we may have been better served to make only that registration method available which would have made that the only means to register a SAM.

A side project of mine has been trying to programmatically add a JASPIC SAM to an embedded Jetty server.

I eventually hit a wall that has it stalled now while I have higher priority tasks on my plate.

My intention is to eventually have a JASPIC authentication provider in our Apache Knox project (incubating still) for Hadoop.

If you have had any success with this I'd love to hear about it.

Another point about JASPIC that I don't think you touch on your blog is that it is only required in EE for the Servlet container. This has hurt adoption a bit. Glassfish does use it in the other containers as well but I don't believe any other vendor does.

Anyway, very good article - I will dig though it a bit deeper later.

Peace,

--larry

On Sat, Aug 17, 2013 at 8:03 AM, Arjan Tijms <arjan.tijms@xxxxxxxxx> wrote:

larry mccay <larry.mccay@...> writes:

> There, however, is no standard way to install this module by simply
> bundling it with an application and deploying it.

There's no standardized declarative way in JASPIC, but there is a programmatic
way.

A WebListener can call something like
"AuthConfigFactory.getFactory().registerConfigProvider(...)" to register such
module. Incidentally, the programmatic way is thus the only standardized way ;)

I'm building a kind of Acid test for JASPIC at
https://github.com/arjantijms/jaspic-capabilities-test and all test
applications bundle the SAM with the .war.

On my blog
arjan-tijms.blogspot.com/2012/11/implementing-container-authentication.html
I have described this process in some more detail.

_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/jetty-users