Uploaded image for project: 'Causeway'
  1. Causeway
  2. CAUSEWAY-3305

[DISCUSS] Re-platform on top of Spring security.

    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Major
    • Resolution: Done
    • 2.0.0-M9
    • 2.1.0, 3.1.0
    • None
    • None

    Description

      as per https://the-asf.slack.com/archives/CFC42LWBV/p1670661588201299

       
      Andi's wish list of changes is:

      1. drop Shiro support -> or perhaps provide a default Spring Security integration if simple enough
      2. drop Keycloak support  -> keep Keycloak, provide a default Spring Security integration
      3. instead fully integrate with Spring Security -> YES (not instead)
      4. drop SudoService  -> NO keep
      5. instead provide impersonation via a specialized login page
      6. drop Wicket's .../signin, .../logout -> ONHOLD as long as there is only the Wicket Viewer, we don't yet need to think about this too hard
      7. instead provide simple replacements under /security/... central to the application (not using Wicket) -> a common /logout would make sense, however viewer specific /login could be kept as is for now

      Why? Focus on one security stack and do that integration well
       

      Attachments

        Issue Links

          relates to

          Improvement - An improvement or enhancement to an existing feature or task. CAUSEWAY-3307 [WON'T FIX] Wicket Viewer - Autoconfigure Login Form when using Spring Security Stack

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              danhaywood Daniel Keir Haywood
              danhaywood Daniel Keir Haywood
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: