In addition to generalizing the authorization layer, we also need to generalize the authentication layer and have a well defined SSO framework that can be used across JEMS.
The JSR-196 (Java Authentication SPI for Containers) draft has finally seen the light of day and so authentication will also be a better defined as a pluggable aspect of a j2ee container. There is no notion of SSO in this spec however, so as part of update the authentication service to support JSR-196, we also need to consider how SSO via standards such as SAML and Liberty are going to be supported.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3887318#3887318
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3887318
|
