Hi, Great news!
Do you have any definite start date for the actual coding already? A short while ago I did a very small and simple implementation of the Servlet BASIC auth mechanism using JASPIC, which is one of the 4 mechanisms required by Servlet. See: https://github.com/omnifaces/omnisecurity/blob/master/src/main/java/org/omnifaces/security/jaspic/authmodules/BasicAuthModule.java Calling out to the "identity store" is however not standardised yet (the example code simply uses CDI) and has to be done in a Tomcat specific way. Kind regards, Arjan Tijms On Monday, May 4, 2015, Fjodor Vershinin [via Tomcat] < ml-node+s10n503407...@n6.nabble.com> wrote: > Good news, everyone! > I am happy to announce that our project has been accepted to participate > in > GSoC. Now it's community binding period, so I need to introduce myself to > other developers. > Some brief information about me: My name is Fjodor Vershinin, I am 2'th > grade computer science student from Estonia. One of my hobbies is writing > OSS software, mainly in Java and Python. I hope to finish JASPIC > implementation during this summer and make Tomcat better ;) > Fjodor. > > > 2015-03-04 11:09 GMT+02:00 Fjodor Vershinin <[hidden email] > <http:///user/SendEmail.jtp?type=node&node=5034072&i=0>>: > > > Hello! > > It looks like ASF has been selected for GSOC 2015 and I am interested in > > pushing this project forward. So, in meantime I'll start writing > proposal > > and hope this project will be selected to participate in Gsoc program. > > Best regards, > > Fjodor. > > > > 2015-02-10 22:44 GMT+02:00 Arjan Tijms <[hidden email] > <http:///user/SendEmail.jtp?type=node&node=5034072&i=1>>: > > > >> Hi, > >> > >> On Tue, Feb 10, 2015 at 8:34 PM, Mark Thomas-2 [via Tomcat] > >> <[hidden email] <http:///user/SendEmail.jtp?type=node&node=5034072&i=2>> > wrote: > >> > If you do look at JBoss keep in mind it is GPL licensed and we need > to > >> > be very careful that we don't end up with GPL'd code in Tomcat. > >> > >> That's absolutely true. The code there shouldn't not be copied in any > >> way. It's only useful as an example of how a Tomcat Valve can > >> integrate with something like JASPIC. As for the JASPIC code there, it > >> wouldn't make sense to copy it anyway, since A) it's JBoss specific > >> (builds up JBoss principal, calls JBoss security service, etc) and B) > >> there are various issues with it (it looks like JBoss pretty much > >> rewrote everything from scratch for Undertow, which is completely > >> different). > >> > >> > Personally, I'd look more much more closely at Geronimo. > >> > >> You're right, and since that one is Apache licensed one can even copy > >> from it if needed. > >> > >> > Keep in mind that part of the goal is to replace the existing > >> > authenticators with JASPIC modules. (As suggested on the Servlet EG > >> list.) > >> > >> It's good to have that as part of the goal indeed. Such auth modules > >> could even be implemented by a separate (group) of students if needed, > >> as they would not necessarily depend on the JASPIC implementation for > >> Tomcat. As long as that one is not finished they could test it on any > >> existing JASPIC implementation (e.g. the RI, GlassFish). > >> > >> > I think we all know that feeling - hence why I suggested it for GSoC. > >> > >> Yeah, I get that, thanks! It's still something that I'd really love to > >> do, but with the work for the startup zeef.com, open source projects > >> OmniFaces and OmniSecurity, the work for the JSF EG and perhaps soon > >> for the security EG, there is not always much time left. I had this on > >> my sketchy todo list for ~end of this month, but I'll see what happens > >> with the GSoC project now ;) > >> > >> Kind regards, > >> Arjan > >> > >> > >> > >> > >> > > >> > Mark > >> > > >> > --------------------------------------------------------------------- > >> > To unsubscribe, e-mail: [hidden email] > >> > For additional commands, e-mail: [hidden email] > >> > > >> > > >> > > >> > ________________________________ > >> > If you reply to this email, your message will be added to the > discussion > >> > below: > >> > > >> > http://tomcat.10.x6.nabble.com/Consider-support-for-the-Servlet-profile-of-JSR-196-JASPIC-in-Tomcat-7-0-x-tp4993387p5029643.html > >> > To unsubscribe from Consider support for the Servlet profile of JSR > 196 > >> > (JASPIC) in Tomcat 7.0.x, click here. > >> > NAML > >> > >> > >> > >> > >> -- > >> View this message in context: > >> > http://tomcat.10.x6.nabble.com/Consider-support-for-the-Servlet-profile-of-JSR-196-JASPIC-in-Tomcat-7-0-x-tp4993387p5029664.html > >> Sent from the Tomcat - Dev mailing list archive at Nabble.com. > >> > > > > > > > ------------------------------ > If you reply to this email, your message will be added to the discussion > below: > > http://tomcat.10.x6.nabble.com/Consider-support-for-the-Servlet-profile-of-JSR-196-JASPIC-in-Tomcat-7-0-x-tp4993387p5034072.html > To unsubscribe from Consider support for the Servlet profile of JSR 196 > (JASPIC) in Tomcat 7.0.x, click here > <http://tomcat.10.x6.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=4993387&code=YXJqYW4udGlqbXNAZ21haWwuY29tfDQ5OTMzODd8LTM3MzU5NTg0OA==> > . > NAML > <http://tomcat.10.x6.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> > -- View this message in context: http://tomcat.10.x6.nabble.com/Consider-support-for-the-Servlet-profile-of-JSR-196-JASPIC-in-Tomcat-7-0-x-tp4993387p5034079.html Sent from the Tomcat - Dev mailing list archive at Nabble.com.
