[security-dev] [PicketBox 5] - Authentication API
Pedro Igor Silva
psilva at redhat.com
Tue Jul 31 16:01:02 EDT 2012
I would like to know your opinion about the authentication API that is being used by PicketBox 5.You can check an initial documentation here: https://docs.jboss.org/author/display/SECURITY/PicketBox+Authentication+API.
We are considering some requirements during the construction of this API. They are as follows:
- Easy-to-use and fast to get started;
- Flexible architecture providing ways to use different mechanisms like Username/Password, Digest, Certificates, SASL, etc;
- Unified authentication API. Although you can use different mechanisms, the API usage is the same;
- Allow authentication using multiple stores: properties, databases, ldap, etc;
- Hide mechanism`s complexity from users. Users do not need to be aware of the complexities behind a specific mechanism;
- Environment agnostic. You can use it in a pure Java SE application and in a JEE/CDI environment as well;
- Challenge/Response design;
- Authentication Events. Users should be able to observe specific authentication events like pre/pos authentication, failures, etc.
More information about the security-dev