Thanks, Charles. I left a similar request as a comment on your
wiki. I am actively working on a JAAS implementation of XWiki's
interfaces. Or rather, I have begun by subclassing the
XWiki*ServiceImpl classes because that's how some others are done and there
may be things that XWiki needs there. It may actually be that it
makes more sense just to implement the interfaces directly.
This
is probably not the venue for continued discussion in this vein, so I'll do
this directly, but thought I'd let the list know that this is going on in case
anyone wants to share in the effort and results.
I'm
not on the developers list; are you, Charles? Would that be the best place
to carry on? I suppose if you didn't intend it to be an "official" part of
XWiki it might not be, but on the other hand it looks like a good place for the
XWiki developers to start if nothing else. The only jGuard-specific code
should be connected only by the configuration files.
Alternatively, perhaps the jGuard wiki would be a good place to discuss
and develop the overall design. Does that sound like a good
idea?
I'm
sorry for the delay in responding; I started this reply on Friday and then
forgot about it over the weekend. Though I never completed it, I
found it, marked unread, in my Sent Items folder...
brain[sic]
Hi,
i'm part
of the jGuard project and a user of Xwiki (through our website www.jguard.net hosted and powered by
XWiki).
jGuard implements JAAS and provide an easy way to use it in a
webapp context.
that's right that Xwiki security apis differs from the JAAS
apis.
but the concept involved in the Xwiki apis, are closed of the JAAS
and jGuard ones.
if you've got some interest by adapting the XWiki apis to
JGuard (an JAAS implicitly), i can help you to do it.
but this adapter will
not be an "official" Xwiki way....
hope it helps,
Charles
GAY(jGuard team).
On 4/25/06, THOMAS,
BRIAN M (SBCSI) <bt0008@att.com>
wrote:
We
are standardizing on the Java Authentication and Authorization
Service
(JAAS). I thought I heard that XWiki supports the
Pluggable
Authentication Modules (PAM) standard, but haven't found any
reference
to it in the docs. Further, there are some articles
out about
integrating JAAS into Tomcat, which is another thing to think
about. We
actually are considering at least two methods here -
a centralized PIN
server and a RADIUS server for SecurID access, and both
have clients
that implement the JAAS interfaces.
There are a
couple of strategies that I could probably try: one is just
to
use the JAAS/Tomcat integration route. That would seem to give
the
most bang-per-buck, but that would (I think) not allow controls at
the
level of granularity that XWiki does, or would actually take
controls
away from the XWiki rights system.
Another (actually my
first idea) is to implement the various
com.xpn.xwiki.user.api interfaces
(XWikiAuthService, XWikiGroupService,
and XWikiRightService) with JAAS
calls.
Anyone have any experience with
this?
brain[sic]
--
You receive this message as
a subscriber of the xwiki-users@objectweb.org
mailing list.
To unsubscribe: mailto:xwiki-users-unsubscribe@objectweb.org
For
general help: mailto:
sympa@objectweb.org?subject=help
ObjectWeb mailing lists service home
page: http://www.objectweb.org/wws