[security-dev] IdentityManager interface
lightguard.jp at gmail.com
Wed Sep 26 15:24:59 EDT 2012
I'm going through the API again as I've seen some changes since I last went
through it. I may be the only one in this boat, but I feel like this
interface is starting to become too crowded. Should some of the methods be
moved over to their respective objects (Identity, User, Role, Group, etc)?
Should we split things off into a different interface? I'm also becoming
concerned with the password and certificate methods on there.
It seems to me these are essentially authentication challenges. Eventually
I'm sure we'll add more like OAuth or OpenId, two-factor auth, etc. Will
each of these be their own methods? Could it be a configuration option to
build up a chain of authentication challenge providers? I had initially
thought of a challenge object which would allow input and provide a simple
response: pass, fail, move to next challenge. Maybe that's too broad or a
bad idea, I don't really know, just throwing out ideas.
Just looking to make this easy to use and make sure it makes sense to users
(who I think would be coming from a Java EE background).
Open Source Advocate
Author of Seam Catch - Next Generation Java Exception Handling
PGP key id: 926CCFF5
PGP key available at: keyserver.net, pgp.mit.edu
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the security-dev