Re: Welcome to the new JSR-375 mailing list
On Fri, May 12, 2017 at 9:01 PM, Will Hopkins <will.hopkins@...> wrote:
The RememberMeIdentityStore is crucial for the @RememberMe annotation, and has been spec'ed there.
The 1:1 role mapping refers to the fact that some Java EE products mandate groups to be mapped to roles. Without that mapping, nothing works.
This is *extremely* undesirable as it still requires server specific configuration, while the entire point of JSR 375 is to have security without any server specific configuration. This was early on recognised as an important thing to specify that it should not be done (using a switch or under certain circumstances), but we never actually did that.
As you may know, WebLogic already does 1:1 role mapping is there's no specific configuration present and GF has a switch for it (but doesn't default to it).