JavaEE8 Security API - JSR375 question

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

JavaEE8 Security API - JSR375 question

exabrial12
So we're greenfielding a new project. We're looking at using JSR375 as it
contains some great APIs.


One thing I really like about the way TomEE works is keeping configuration
in the environment. For instance, it's really handy to use tomcat-users.xml
locally, then when the code is deployed, it automatically uses LDAP. This is
merely a config change on the server, rather than having to recompile the
WAR.


Any idea how we could accomplish this using JSR375? I was curious if we
could/should implement a custom identity store that directly integrates with
the tomcat realm.

Thanks as always, TomEE continues to be the best platform to build apps on
(not at all biased haha).

cheers,
-Jonathan



--
Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html
Reply | Threaded
Open this post in threaded view
|

Re: JavaEE8 Security API - JSR375 question

Jean-Louis MONTEIRO
Hey Jonathan,

The implementation in TomEE is fairly complete even though not tested aside
from TCK which are looking really good.
That is an improvement to do.

We have a couple of built-in identity
https://github.com/apache/tomee/tree/master/tomee/tomee-security/src/main/java/org/apache/tomee/security/identitystore

JDBC and LDAP are there. You can implement your own and plug that in.
I made it such as the default is using tomcat-users.xml


So out of the box your use case should be covered unless I miss something.

Hope it helps


--
Jean-Louis Monteiro
http://twitter.com/jlouismonteiro
http://www.tomitribe.com


On Thu, Feb 25, 2021 at 4:09 PM exabrial12 <[hidden email]> wrote:

> So we're greenfielding a new project. We're looking at using JSR375 as it
> contains some great APIs.
>
>
> One thing I really like about the way TomEE works is keeping configuration
> in the environment. For instance, it's really handy to use tomcat-users.xml
> locally, then when the code is deployed, it automatically uses LDAP. This
> is
> merely a config change on the server, rather than having to recompile the
> WAR.
>
>
> Any idea how we could accomplish this using JSR375? I was curious if we
> could/should implement a custom identity store that directly integrates
> with
> the tomcat realm.
>
> Thanks as always, TomEE continues to be the best platform to build apps on
> (not at all biased haha).
>
> cheers,
> -Jonathan
>
>
>
> --
> Sent from:
> http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html
>
   --
    Jean-Louis Monteiro
    http://twitter.com/jlouismonteiro
    http://www.tomitribe.com