⚠️This project is now part of the EE4J initiative. This repository has been archived as all activities are now happening in the corresponding Eclipse repository. See here for the overall EE4J transition status.
Java EE Security (JSR 375) RI
Soteria can be built by executing the following from the project root:
mvn clean package
The API and combined API/implementation jars can then be found in /api and /impl respectively.
In /test a number of sample applications are located that each demonstrate a specific feature of JSR 375. The folder is called /test since these double as integration tests.
The sample applications are build when the main build as shown above is executed. By default these applications are build for a target server that is not assumed to already provide a JSR 375 implementation (like a Java EE 8 server would). In that case the Soteria jars are included in the application archive.
Alternatively the sample applications can be build for a server that does provide a JSR 375 implementation. In that case the Soteria jars are not included in the application archive. This can be done using the
provided profile as follows:
mvn clean package -Pprovided
There are 4 CI targets provided to test Soteria against:
Testing against any of these is done by activating the maven profile with the same name. E.g.
mvn clean install -Ptomee,bundled
Testing against glassfish (which provides soteria integration):
mvn clean verify -Pglassfish,provided
Soteria currently fully runs on Payara 188.8.131.52, JBoss WildFly 10 and TomEE 7.0.2-SNAPSHOT from 12-10 (with Tomcat 8.5.6). It runs mostly on Liberty 184.108.40.206/2016.9, TomEE 7.0.1 and GlassFish 4.1.1. "Mostly" means here that some features don't work because of bugs in the servers. For instance on Liberty 220.127.116.11
request.authenticate isn't supported. These bugs are likely going to be fixed in newer versions.
Soteria does not run at all on WebLogic 12.2.1 due to a problem with server authentication modules working at all.