incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James Carman" <>
Subject Re: [PROPOSAL] Incubate JSecurity Project
Date Fri, 30 May 2008 13:00:10 GMT
On Fri, May 30, 2008 at 8:31 AM, Jeremy Haile <> wrote:

> Another differentiator is that JSecurity provides a session framework
> that is not limited to being shared across just web-based applications.
> We have users that share sessions across multiple environments, such as
> Swing apps talking to a server over Spring remoting or RMI, applets, and
> web applications - so they can all share common session information in a
> heterogeneous environment.

I like this idea!  We have an application that has a Swing client and
we talk to the server via Spring remoting.  This shared session idea
sounds intriguing.  I might have to look into switching to JSecurity!

> This simplicity and power is unmatched in any existing security
> framework out-of-the-box.
> Finally, JSecurity strives for simplicity in all areas.  To this end, it
> explicitly supports common security mechanisms used in most applications
> such as roles and permissions.  This makes code more readable, limits
> the amount of custom coding required, and makes security definitions
> very concise and readable.  Despite our goals of simplicity we also aim
> for flexibility - so out of the box the framework should be extremely
> easy to get up and running, requiring minimal configuration and custom
> code.  But for users who have much more advanced needs, JSecurity
> provides the pluggability and extensibility to be used for almost any
> security application.

The simplicity is definitely needed.  Spring Security is confusing at
times.  They've tried to clean things up a bit in the latest
version(s), but it's still tough to wrap your head around.  I usually
just copy/paste something that I know works. :)

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message