esme-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Koller" <dakol...@googlemail.com>
Subject Re: Scrum call summary (authentication section)
Date Tue, 06 Jan 2009 20:05:20 GMT
Hi,

is it possible to standardize the interface from ESME to the servlet
container:

There are two relevant API calls in HttpServletRequest (which get feeded
from the container where they run in)

- getUserPrincipal()
- isUserinrole()

The main task would be that we in ESME we rely on the results of these two
calls (however there will be OpenID/NTLM etc. specific handling in a special
JAAS module with special database tables)

Kind regards,

Daniel

On Tue, Jan 6, 2009 at 8:45 PM, David Pollak
<feeder.of.the.bears@gmail.com>wrote:

> Darren,
>
> I'm going to split out the auth part of ESME.  There will a generic "auth
> data" table that will contain generic information for authentication
> schemes.  Each scheme (and many schemes may be present simultaneously) will
> write a row in the table.
>
> I'll write the openid plugin and you can write others.
>
> How does that sound?
>
> Thanks,
>
> David
>
> On Tue, Jan 6, 2009 at 10:51 AM, Darren Hague <dhague@fortybeans.com>
> wrote:
>
> > Quick notes from the 1st part of the Scrum call today (Dick to produce
> > notes from part 2).
> >
> > We need to look at auth approach, with JAAS preferred for J2EE
> > container-based authentication & authorisation. This will give easy
> access
> > to enterprise-based authentication systems. OpenID, while a good initial
> > choice, is causing usability and technical problems and is of little
> > relevance to the enterprise context.
> >
> > Daniel will look at removing the OpenID dependency from ESME (mostly by
> > asking David and the rest of the Lift community)
> > Darren will look at doing a JAAS/Lift sample app which cas serve as the
> > basis for JAAS auths in ESME, and of course can be contributed back to
> Lift.
> >
> > Cheers,
> > Darren
>
>
>
>
> --
> Lift, the simply functional web framework http://liftweb.net
> Collaborative Task Management http://much4.us
> Follow me: http://twitter.com/dpp
> Git some: http://github.com/dpp
>



-- 
---
Daniel Koller
Jahnstrasse 20
80469 München * dakoller@googlemail.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message