spring-security/roadmap.txt

41 lines
1.7 KiB
Plaintext

===============================================================================
ACEGI SECURITY SYSTEM FOR SPRING - ROADMAP
===============================================================================
The following changes/enhancements are proposed. We are not actively working
towards any of these, but they're provided so those interested in contributing
to the project have some ideas on where they could potentially add value.
- Extend integration tests to support Resin (Ant startup/shutdown approach
needed)
- Tablib that can query Authentication object in ContextHolder and hide links
if the user does not hold a required authority
- Extend Spring remoting classes to transparently transport the Context
- Sample application that demonstrates EJB remote method invocation with Acegi
security system as login module on server side
- Single sign on (SSO) web application that uses cookies and redirects (user
accesses secured page, container FORM shown, container FORM redirs to SSO
web app with target page passed as variable, SSO queries cookie to see if
user already logged in, SSO completes user login, SSO redirects to container
login page with Authentication being j_username etc, container logs user in
and redirects to original secured page as per normal)
- Unit tests for JDBC authentication provider
- Web application to administer the JDBC authentication repository, so people
don't need to write their own or rely on RDBMS tools to manage users etc
The following are non-goals:
- Orion container adapter. I did write a suitable adapter, but found the
unresolved taglib support issue detailed at
http://bugs.orionserver.com/issue/view.jsp?id=1081 prevented the sample
application from being tested.
$Id$