[
http://jira.codehaus.org/browse/MRM-832?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=180876#action_180876 ]
Justin Koke commented on MRM-832:
---------------------------------
I would also really like to add my voice to this issue.
Security is hard to get right, and it usually scares me when I find 'yet another security framework'.
I didn't know about Redback until I found it in Archiva and I am astonished that it was chosen as an option for this project.
I would highly recommend moving away from Redback and use Spring Security.
> Investigate future Security framework options
> ----------------------------------------------
>
> Key: MRM-832
> URL:
http://jira.codehaus.org/browse/MRM-832> Project: Archiva
> Issue Type: Task
> Components: Users/Security
> Affects Versions: 1.2
> Reporter: James William Dumay
> Fix For: 1.x
>
>
> This is just a stub ticket as we have been rumbling about replacing/improving our choice of security framework in 1.2
> Ideally it should be _very_ easy for administrators of Archiva to back auth onto a variety of systems - LDAP, Active Directory, Atlassian Crowd, OpenSSO, etc
> Possible frameworks:
> * Redback (Current, could do with some love) -
http://redback.codehaus.org> * Spring-Security (was ACEGI) -
http://static.springframework.org/spring-security/site/> * JSecurity (new Apache Incubator project) -
http://www.jsecurity.org/--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
