Forgot to state the obvious:
If you're interested in help us shape the XWiki security APIs you're
more than welcome :)
Thanks
-Vincent
On Sep 20, 2007, at 12:23 PM, Vincent Massol wrote:
On Sep 20, 2007, at 12:11 PM, Bradley Beddoes wrote:
Hi Vincent,
So I have had a look at the links provided below and while I don't
know
the Plexus framework very well I understand what its purpose is.
Not to interfere in architecture decisions but Spring OSGi also looks
quite nice in this space. Is Xwiki built around Spring?.
No it's not built around Spring.
The component manager used doesn't matter as this stage. What
matters is to have components and a component architecture,
components being plain POJOs. This is where our effort is. The
first implementation I've done is with Plexus which is hidden away
in a single location (in the xwiki-plexus/ build module) and there
isn't a single import of Plexus in any other place.
Vincent Massol wrote:
...
We're not using it. We haven't decided what we do. Is ESOE a
superset
of Acegi, are they competitors, etc. Do you know JGuard? Is it a
competitor to ESOE or are they in different domains? As you can see
this is not a domain I know well so if you're interested in bringing
your expertise to XWiki then that would be cool :)
I think Acegi is going to play very nicely with what you guys are
trying
to do. I am going to embark on an Acegi -> ESOE integration over the
next week or so which will mean that anything using Acegi will be
right
to go with ESOE.
What Acegi will give you is really nice pluggable authentication,
authorization and User management which will mean users wanting to do
enterprise level SSO and authorization with ESOE will be able to
do that
but those wishing to just auth against ldap will also be able to
do that.
cool
So Acegi is basically an integrator at the
application level. ESOE
and
its associated client side SPEP is a step above that, it does all the
heavy SAML and XACML lifting, the SPEP will hook into Acegi (just
like
say LDAP could) and provide the source of authentication, identity
and
authorization that Acegi will rely on when the application calls it.
ok, I understand. Sounds good then.
From the limited look I have had at JGuard it
seems to play in the
same
space as Acegi.
Hope this is of some help let me know what you think about Acegi,
if you
want to go with designing your own layer I'd need to probably see
some
discussion around that so I can give you feedback.
We only want to have our own interfaces (as in Java Interfaces).
The implementation can be using Acegi and ESOE.
Unfortunately nobody here is currently working on these interfaces
right now. In term of architecture improvements, the work in
progress currently are:
* New Rendering/Parsing interfaces using WikiModel - Vincent (me)
* Velocity component - Vincent (me)
* New Notification/Observation component - Vincent (me)
* New Action component - Vincent (me)
* New URL management component - Vincent (me)
* New WYSIWYG editor architecture based on GWT and WikiModel - Marius
* New Rights Management UI - Thomas M
You can see a summary of these and more on the design space of
xwiki.org (not yet fully up to date though):
* old location:
http://www.xwiki.org/xwiki/bin/view/Idea/ (there
are still some proposals not moved to the new Design space in there
which is why I'm listing it here)
* new location:
http://www.xwiki.org/xwiki/bin/view/Design/
Thanks
-Vincent