Introducing elytron
Elytron is a new subproject, developed for the upstream version of the application server (WildFly) which will completely replace the combination of PicketBox and JAAS as the application server's client and server security system.
In terms of features, a non-exhaustive list of elytron features, include:
- A set of API that you call and use to achieve your security goals, and a set of SPI that you can extend and implement to achieve custom security implementations
- A unified security solution across the application server, which is now fragmented into several parts of your configuration
- Support for secure server-side authentication mechanisms based on HTTP, SASL, and TLS, as well as supporting other authentication protocols in the future without change (such as RADIUS, for example)
- Support for password credential types using the standard Java cryptography extension structure (such as DES, MD5, SHA, bcrypt, and so on)
- Propagation of identities to remote application servers...