[security-dev] DeltaSpike, IDM, Authentication and Authorization
Shane Bryzak
sbryzak at redhat.com
Mon Jul 30 18:15:21 EDT 2012
On 31/07/12 04:40, Bruno Oliveira wrote:
> Hi, some few open questions inline.
>
> On Friday, July 27, 2012 at 1:35 PM, Pete Muir wrote:
>
>>
>> Authentication
>> -------------------
> Which IDM domain model should I use, picketlink idm or DeltaSpike? I
> might be wrong, but probably those entities belongs to the IDM?
>> https://github.com/apache/incubator-deltaspike/blob/5e4a7eb4de01004206f24ae22b9850e643bffe54/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/Identity.java
>>
>> This contains methods to log in, log out, get the current user, and
>> check if a user is logged in or not. In order to log in/log out, a
>> LoginCredential is provided:
> How do they fit together?
>
> ->
> https://github.com/picketlink/picketlink-idm/blob/master/picketlink-idm-api/src/main/java/org/picketlink/idm/api/Credential.java
>
> ->
> https://github.com/apache/incubator-deltaspike/blob/5e4a7eb4de01004206f24ae22b9850e643bffe54/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/credential/Credential.java
>>
>> https://github.com/apache/incubator-deltaspike/blob/5e4a7eb4de01004206f24ae22b9850e643bffe54/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/credential/LoginCredential.java
>>
>> We also have a very basic representation of a user, which contains
>> some unique identifier for the user:
>>
>> https://github.com/apache/incubator-deltaspike/blob/5e4a7eb4de01004206f24ae22b9850e643bffe54/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/User.java
>>
>> This isn't useful on it's own of course, but would plug into whatever
>> IDM solution you happen to use. In our case PicketLink IDM.
> Why not make use of same entity model from PicketLink IDM?
> https://github.com/picketlink/picketlink-idm/blob/master/picketlink-idm-api/src/main/java/org/picketlink/idm/api/User.java.
> Or create some level of abstraction like that.
>
> How do I extend the User class to include a token and the email attribute?
All of this has been removed from DeltaSpike for now, and while the plan
is to eventually add a simple authentication API (I'm not sure why we
couldn't just use the one we already had) I don't think we can depend on
this for now, so I'll be re-implementing all of it again in the
PicketLink CDI module.
Shane
>
> - Bruno
>
>
>
>
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/security-dev/attachments/20120731/7f26b117/attachment.html
More information about the security-dev
mailing list