Return-Path: 
 <dev-return-15227-apmail-felix-dev-archive=felix.apache.org@felix.apache.org>
Delivered-To: apmail-felix-dev-archive@www.apache.org
Received: (qmail 63550 invoked from network); 27 May 2009 22:53:56 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 27 May 2009 22:53:55 -0000
Received: (qmail 16143 invoked by uid 500); 27 May 2009 21:44:36 -0000
Delivered-To: apmail-felix-dev-archive@felix.apache.org
Received: (qmail 16118 invoked by uid 500); 27 May 2009 21:44:36 -0000
Mailing-List: contact dev-help@felix.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@felix.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@felix.apache.org>
List-Post: <mailto:dev@felix.apache.org>
List-Id: <dev.felix.apache.org>
Reply-To: dev@felix.apache.org
Delivered-To: mailing list dev@felix.apache.org
Received: (qmail 16104 invoked by uid 99); 27 May 2009 21:44:35 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 May 2009 21:44:35 +0000
X-ASF-Spam-Status: No, hits=1.2 required=10.0
	tests=SPF_NEUTRAL
X-Spam-Check-By: apache.org
Received-SPF: neutral (athena.apache.org: local policy)
Received: from [69.18.222.48] (HELO smtp2.4emm.com) (69.18.222.48)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 May 2009 21:44:23 +0000
Received: from Marrs.lan (82.95.193.148) by SMTP.4emm.com (192.168.161.20)
 with Microsoft SMTP Server (TLS) id 8.1.336.0; Wed, 27 May 2009 17:46:13
 -0400
Message-ID: <E48B1E08-AD7A-4169-974B-B3F673945473@luminis.nl>
From: Marcel Offermans <marcel.offermans@luminis.nl>
To: <dev@felix.apache.org>
In-Reply-To: <b23ecedc0905270311l72daf7c3ib774e4574e90bcff@mail.gmail.com>
Content-Type: text/plain; charset="US-ASCII"; format=flowed; delsp=yes
Content-Transfer-Encoding: 7bit
MIME-Version: 1.0 (Apple Message framework v935.3)
Subject: Re: Google Summer of Code: Marcin Wilkos
Date: Wed, 27 May 2009 23:43:58 +0200
References: <67a6ab030905252311t15f414bfp26cb8f79776bb657@mail.gmail.com>
 <4A1BAFA7.2040007@apache.org>
 <b23ecedc0905260305qa43ce54h8fc4bd35d952f850@mail.gmail.com>
 <67a6ab030905262353s421c7a07kc4c665af916237d9@mail.gmail.com>
 <AC23FD31-8698-4BBE-8ECD-37FB95E0B865@luminis.nl>
 <4A1CE70A.8030406@apache.org>
 <b23ecedc0905270107m75cca591sb8853fd695c675bd@mail.gmail.com>
 <4A1CF8C1.5000205@gmail.com>
 <b23ecedc0905270220s7b22419cg526ca47e0cd6ce52@mail.gmail.com>
 <4DE03151-7AFE-4F1E-8397-D4ACF30A9BA2@luminis.nl>
 <b23ecedc0905270311l72daf7c3ib774e4574e90bcff@mail.gmail.com>
X-Mailer: Apple Mail (2.935.3)
X-Virus-Checked: Checked by ClamAV on apache.org

On May 27, 2009, at 12:11 , Guillaume Nodet wrote:

> I don't think having a UserAdmin delegating to JAAS could work because
> JAAS does not provide anything about modifying the underlying storage
> for creating / removing users or groups.   UserAdmin provides such
> features, so I think it has to be to other way around: it should be
> quite easy to implement a JAAS login module that delegates to
> UserAdmin.

I appearantly don't know JAAS well enough, that's a good point. Also,  
the compendium spec (107.7) talks a bit about JAAS and UserAdmin, that  
might be worth having a look at.

> Given I don't think requiring JAAS is a good idea, that's why I
> proposed such a simple API.

Ok.

> I don't really see any drawback to such a pluggable mechanism, as I
> think it can be implemented for both JAAS and UserAdmin in a few lines
> of code: [snip..]

It's not a big drawback, I agree. I still have a small preference for  
using UserAdmin as the basis (even if you cannot implement any of the  
methods that modify things using JAAS) but a small extra interface is  
okay too.

Greetings, Marcel