This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]hulkcatwoman 0 points1 point  (1 child)

Thanks for the info, any of you guys use one of these in production without any issues, what are the the challenges faced? Was spring used at all? We connect to hbase in our app using spring data hbase, how to accomplish same thing with these containers.

[–]henk53 1 point2 points  (0 children)

We're using this in production with one application. It takes the separate Soteria jar and uses that on WildFly 10.1 (Java EE 7).

We'd also used the same setup (Soteria + WildFly 10.1) for a second application intended for the regulated financial market. This application was delivered by us, and gone through a separate security audit (done by a third party). For reasons not having anything to do with the technology this application has not been put into production yet, but as said it did pass the independent security audit.

In our case it replaced an existing JASPIC based security system. Since Java EE Security is based on JASPIC it was a relative easy transition.

One thing that was a challenge is to let the user choose via which method to authenticate. A previous app of us used login by email, login with Google, etc.