Introduction
This is a page for discussion, planning and progress updates regarding replacing the existing Authentication and Authorization code in DSpace with a 3rd-party Authentication and Authorization framework, hopefully as a contribution to DSpace 5.x.
If you are interested in collaborating on this project, please add your name under the "Potential Collaborators" section. Thanks!
Proposal
Rather than continually modifying the legacy authentication and authorization code in DSpace, we should adopt a 3rd-part framework to provide these same services to the DSpace applications. This will hopefully strengthen our authentication and authorization code, and allow our work in this area to help other projects with similar needs.
This proposal was discussed at the DSpace Developers' Meeting on 2014-02-19
Background
Prior discussion of AuthZ here:
https://wiki.duraspace.org/display/DSPACE/AuthorisationSystem
Potential Frameworks
framework | pro | con | notes |
---|---|---|---|
Apache Shiro | large community, used by Fedora Futures | ||
JAAS | used by Fedora Commons 3.x | ||
Spring Security | we already use other parts of Spring |
Potential Collaborators
Hardy Pottinger
Mark Wood
Ivan Massár
Pascal-Nicolas Becker