I haven't been tracking JSR 351, and we don't currently plan to
include it in EE 7, so I don't know if the requirements you refer to
would be part of that spec or some future version of the platform
Werner Keil wrote on 05/10/2012 03:28 PM:
Thanks a lot for the update.
I'm glad, Ron is involved, so where access to identity
providers and attributes so far discussed by the JSR 351 EG
needs to be restricted or controlled, I assume there's going to
be additional requirements for that, too.
Am 10.05.2012 23:43 schrieb "Bill
Larry McCay, Ron Monzillo, and I have drafted updates to the
spec to describe the new security manager requirements we've
agreed on. It turned out to be surprisingly difficult to
requirements in a way that captures some of the subtlety
Please review these updated spec sections carefully and ask
if you're not sure exactly what the requirements are.
The proposed spec updates are here, and will be folded into
spec soon (obviously the numbering and such will be fixed at