You can find the full source code for this website in the Seam package in the directory /examples/wiki. It is licensed under the LGPL.
Offers simpler, yet more powerful authentication and authorization for Java EE applications.
To get started, add the following dependencies to your pom.xml: :
<dependency> <groupId>org.jboss.seam.security</groupId> <artifactId>seam-security-api</artifactId> <version>3.1.0.Final</version> </dependency> <dependency> <groupId>org.jboss.seam.security</groupId> <artifactId>seam-security</artifactId> <version>3.1.0.Final</version> <scope>runtime</scope> </dependency>
|Name||Module role||Commit username (Git)||Organization||Hometown (Time zone)|
|Shane Bryzak||Lead||sbryzak||Red Hat, Inc.||Brisbane, AU (UTC+10)|
|Marcel Kolsteren||Contributor||marcelk||Meandi ICT||Utrecht, The Netherlands (UTC+1)|
Seam Security provides a powerful set of authentication and authorization services for CDI applications. Authentication is based on the JAAS standard and allows for total control over the user authentication process. Authorization is based on a pluggable, extendable API and offers a number of features for locking down the sensitive parts of your application - ranging from simple role-based security checks all the way through to advanced rule-based and ACL permissions.
To make life even easier, Seam Security provides an Identity Management API for managing the users and roles within your application, and a Permission Management API for managing the permissions for individual domain objects and other user-defined permissions.
For more advanced security requirements, seamless integration with PicketLink allows you to take advantage of an even greater range of security backends, such as SSO, Kerberos and SAML.
|3.0.0.Alpha2||December 2010||External authentication services|
Among others, the security module will have the following features.
The security module will allow CDI applications to delegate user authentication to an identity provider like OpenId. This will allow developers to open up their application for users that own an account at Google or Yahoo or any other SAMLv2 or OpenID provider. The user experience will be better: the user doesn't have to register a new account, doesn't need to remember another password, and only needs to login once. The developer experience will also be better: no need for administering user passwords and no need to implement password recovery mechanisms.
You can expect:
Ideas for additional features:
If you have a CDI application with an own user/password database, you can use the security module to expose those users to other applications. This turns your application into a SAMLv2 identity provider and/or an OpenID provider. Other applications (Seam based or not Seam based) can delegate authentication to your IDM application.
|This section serves as a whiteboard for design and ideas for this module. Once you've decided to pursue a feature, it should be added to JIRA as a feature request and optionally linked from this page.|