Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [es-dev] Fwd: Java EE Security API Specification (JSR 375)
Hi Gergely,

You're right, JSR 375 only specified the 1:1 group to role mapping, due to timing constraints. Standarizing a customizable mapping is definitely in the scope for next revisions of the spec.

Looking at the repository, it seems like we still don't have an issue for it though. Would you mind opening one on https://github.com/eclipse-ee4j/security-api/issues to gather some feedback and bootstrap the discussion?


Regards,

Guillermo González de Agüero

On Sun, May 26, 2019 at 2:54 PM Gergely Molnár <gergelymolnarpro@xxxxxxxxx> wrote:
Hi All,

Please correct me if I am wrong, The Security Api 1.0 is great thinks, but the handling of the user's groups still server specific (Example: on WildFly, the groups just equal with the role name). I think it would be nice if the group is group from LDAP or the group programmatically created from anywhere (database, file, new protocol...).

The medium or the big companies have custom certificate system and I think the intermediate certificate as group at client authentication or programmatically trusted certificate makes sense.

Best regards / Üdvözlettel,
Gergely Molnár


_______________________________________________
es-dev mailing list
es-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/es-dev

Back to the top