Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Simplify JASPIC SAM development via new CDI enabled HTTP specific interface #24
In JSR 375, we could simplify application developer authentication mechanism development by specifying helper classes for JASPIC. This has already been suggested in https://java.net/jira/browse/JASPIC_SPEC-24.
After discussion with the JASPIC spec lead (Ron Monzillo), we resolved that JSR-375 may address https://java.net/jira/browse/JASPIC_SPEC-24 with respect to simplifying SAM development, since core JASPIC behavior is unaffected.
A bridge SAM, installed by a combination of a CDI extension and a ServletContainerInitializer calls implementations of this interface. Since the bean implementing this interface is obtained via the CDI bean manager, all CDI services are available in this bean. Note that this absolutely does not mean a SAM becomes in any way managed by CDI.
Example of SAM bridging the validateRequest method:
An example authentication mechanism (simplified SAM) looks as follows: