Hi, On Tue, Feb 10, 2015 at 8:34 PM, Mark Thomas-2 [via Tomcat] <ml-node+s10n502964...@n6.nabble.com> wrote: > If you do look at JBoss keep in mind it is GPL licensed and we need to > be very careful that we don't end up with GPL'd code in Tomcat.
That's absolutely true. The code there shouldn't not be copied in any way. It's only useful as an example of how a Tomcat Valve can integrate with something like JASPIC. As for the JASPIC code there, it wouldn't make sense to copy it anyway, since A) it's JBoss specific (builds up JBoss principal, calls JBoss security service, etc) and B) there are various issues with it (it looks like JBoss pretty much rewrote everything from scratch for Undertow, which is completely different). > Personally, I'd look more much more closely at Geronimo. You're right, and since that one is Apache licensed one can even copy from it if needed. > Keep in mind that part of the goal is to replace the existing > authenticators with JASPIC modules. (As suggested on the Servlet EG list.) It's good to have that as part of the goal indeed. Such auth modules could even be implemented by a separate (group) of students if needed, as they would not necessarily depend on the JASPIC implementation for Tomcat. As long as that one is not finished they could test it on any existing JASPIC implementation (e.g. the RI, GlassFish). > I think we all know that feeling - hence why I suggested it for GSoC. Yeah, I get that, thanks! It's still something that I'd really love to do, but with the work for the startup zeef.com, open source projects OmniFaces and OmniSecurity, the work for the JSF EG and perhaps soon for the security EG, there is not always much time left. I had this on my sketchy todo list for ~end of this month, but I'll see what happens with the GSoC project now ;) Kind regards, Arjan > > Mark > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [hidden email] > For additional commands, e-mail: [hidden email] > > > > ________________________________ > If you reply to this email, your message will be added to the discussion > below: > http://tomcat.10.x6.nabble.com/Consider-support-for-the-Servlet-profile-of-JSR-196-JASPIC-in-Tomcat-7-0-x-tp4993387p5029643.html > To unsubscribe from Consider support for the Servlet profile of JSR 196 > (JASPIC) in Tomcat 7.0.x, click here. > NAML -- View this message in context: http://tomcat.10.x6.nabble.com/Consider-support-for-the-Servlet-profile-of-JSR-196-JASPIC-in-Tomcat-7-0-x-tp4993387p5029664.html Sent from the Tomcat - Dev mailing list archive at Nabble.com.
