spring-security/roadmap.txt

===============================================================================
               ACEGI SECURITY SYSTEM FOR SPRING - ROADMAP
===============================================================================

The following changes/enhancements are proposed. We are not actively working
towards any of these, but they're provided so those interested in contributing
to the project have some ideas on where they could potentially add value.

- Extend integration tests to support Resin (Ant startup/shutdown approach 
  needed)

- Tablib that can query Authentication object in ContextHolder and hide links
  if the user does not hold a required authority

- Extend Spring remoting classes to transparently transport the Context

- Sample application that demonstrates EJB remote method invocation with Acegi
  security system as login module on server side

- Single sign on (SSO) web application that uses cookies and redirects (user
  accesses secured page, container FORM shown, container FORM redirs to SSO
  web app with target page passed as variable, SSO queries cookie to see if
  user already logged in, SSO completes user login, SSO redirects to container
  login page with Authentication being j_username etc, container logs user in
  and redirects to original secured page as per normal)

- Unit tests for JDBC authentication provider

- Web application to administer the JDBC authentication repository, so people
  don't need to write their own or rely on RDBMS tools to manage users etc

The following are non-goals:

- Orion container adapter. I did write a suitable adapter, but found the
  unresolved taglib support issue detailed at
  http://bugs.orionserver.com/issue/view.jsp?id=1081 prevented the sample
  application from being tested.


$Id$