[security-dev] PicketLink 3 IDM - Information Contained Within a User
darran.lofthouse at jboss.com
Sat Dec 1 11:01:00 EST 2012
Keeping in mind that a user could represent either a human or non-human
agent is it really correct to assume that all users have a first name, a
last name and an e-mail address?
Even for human users whilst it is likely they would have all three of
these does it make sense to assume they always will? I am just thinking
could it make more sense to maybe have an 'Account' interface above
'User' to allow for accounts that have no relationship to humans?
More information about the security-dev