[security-dev] PicketLink 3 IDM - Information Contained Within a User
sbryzak at redhat.com
Tue Dec 4 20:13:36 EST 2012
On 12/03/2012 07:08 PM, Darran Lofthouse wrote:
> On 12/02/2012 11:36 PM, Shane Bryzak wrote:
>> I did propose something like this earlier on, by introducing an "Agent"
>> class in between IdentityType and User:
>> IdentityType -> Agent -> User
>> however the general consensus was that this overcomplicated things.
> One place that users would be exposed to this is if PicketLink backs the
> access to the management interfaces in AS7 they would need to know to
> avoid populating those fields or to populate them with dummy data if
> defining an account for another host controller.
That's a valid use case, and one that I can envision becoming more and
more common. If no-one has any objections then I'll add the
implementation for this back in tomorrow.
>> On 12/02/2012 02:01 AM, Darran Lofthouse wrote:
>>> Keeping in mind that a user could represent either a human or non-human
>>> agent is it really correct to assume that all users have a first name, a
>>> last name and an e-mail address?
>>> Even for human users whilst it is likely they would have all three of
>>> these does it make sense to assume they always will? I am just thinking
>>> could it make more sense to maybe have an 'Account' interface above
>>> 'User' to allow for accounts that have no relationship to humans?
>>> Darran Lofthouse.
>>> security-dev mailing list
>>> security-dev at lists.jboss.org
>> security-dev mailing list
>> security-dev at lists.jboss.org
> security-dev mailing list
> security-dev at lists.jboss.org
More information about the security-dev