incubator-esme-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Pollak" <feeder.of.the.be...@gmail.com>
Subject Re: Scrum call summary (authentication section)
Date Tue, 06 Jan 2009 20:55:33 GMT
On Tue, Jan 6, 2009 at 12:05 PM, Daniel Koller <dakoller@googlemail.com>wrote:

> Hi,
>
> is it possible to standardize the interface from ESME to the servlet
> container:


I'd strongly prefer not to do that.  It's fine for the auth plugin to do
that, but this would mean that the container needs to support OpenID if an
ESME instance is to support OpenID.


>
>
> There are two relevant API calls in HttpServletRequest (which get feeded
> from the container where they run in)
>
> - getUserPrincipal()
> - isUserinrole()
>
> The main task would be that we in ESME we rely on the results of these two
> calls (however there will be OpenID/NTLM etc. specific handling in a
> special
> JAAS module with special database tables)
>
> Kind regards,
>
> Daniel
>
> On Tue, Jan 6, 2009 at 8:45 PM, David Pollak
> <feeder.of.the.bears@gmail.com>wrote:
>
> > Darren,
> >
> > I'm going to split out the auth part of ESME.  There will a generic "auth
> > data" table that will contain generic information for authentication
> > schemes.  Each scheme (and many schemes may be present simultaneously)
> will
> > write a row in the table.
> >
> > I'll write the openid plugin and you can write others.
> >
> > How does that sound?
> >
> > Thanks,
> >
> > David
> >
> > On Tue, Jan 6, 2009 at 10:51 AM, Darren Hague <dhague@fortybeans.com>
> > wrote:
> >
> > > Quick notes from the 1st part of the Scrum call today (Dick to produce
> > > notes from part 2).
> > >
> > > We need to look at auth approach, with JAAS preferred for J2EE
> > > container-based authentication & authorisation. This will give easy
> > access
> > > to enterprise-based authentication systems. OpenID, while a good
> initial
> > > choice, is causing usability and technical problems and is of little
> > > relevance to the enterprise context.
> > >
> > > Daniel will look at removing the OpenID dependency from ESME (mostly by
> > > asking David and the rest of the Lift community)
> > > Darren will look at doing a JAAS/Lift sample app which cas serve as the
> > > basis for JAAS auths in ESME, and of course can be contributed back to
> > Lift.
> > >
> > > Cheers,
> > > Darren
> >
> >
> >
> >
> > --
> > Lift, the simply functional web framework http://liftweb.net
> > Collaborative Task Management http://much4.us
> > Follow me: http://twitter.com/dpp
> > Git some: http://github.com/dpp
> >
>
>
>
> --
> ---
> Daniel Koller
> Jahnstrasse 20
> 80469 M√ľnchen * dakoller@googlemail.com
>



-- 
Lift, the simply functional web framework http://liftweb.net
Collaborative Task Management http://much4.us
Follow me: http://twitter.com/dpp
Git some: http://github.com/dpp

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message