felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marcel Offermans <marcel.offerm...@luminis.nl>
Subject Re: Google Summer of Code: Marcin Wilkos
Date Wed, 27 May 2009 09:31:54 GMT
Hello Guillaume,

On May 27, 2009, at 11:20 , Guillaume Nodet wrote:

> Right, I think there is a real need to support UserAdmin, but given
> both JAAS and UserAdmin will be used for the same thing, it should be
> easy to support both using a simple interface:
>   public interface WebConsoleSecurityProvider {
>      /** Check if the user with the specified password exists and
> return an object identifying the user, else throw an exception */
>      public Object authenticate(String username, String password)
> throws SecurityException;
>      /** Check that the authenticated user has the given role
> permission or throw an exception */
>      public void authorize(Object user, String role) throws  
> SecurityException;
>   }
> Imho, this should be sufficient to provide authentication and
> authorization for the web console and can be easily implemented using
> UserAdmin or JAAS.

To be honest, UserAdmin already is an interface which abstracts from  
an implementation, so I don't really see a need to add another  
interface to abstract from that. Having a JAAS backend for UserAdmin  
would be nice too since that would be usable in a much broader context.

Greetings, Marcel

View raw message