Howdy, answers inline.
--
"The measure of a man is what he does with power" - Plato
-
@abstractj
-
Volenti Nihil Difficile
On Wednesday, December 12, 2012 at 12:36 PM, Sebastien Blanc wrote:
Hi,
For Jira
https://issues.jboss.org/browse/AEROGEAR-657 I've been playing and hacking a
bit, for now that's the result :
(you can log in with admin priviliges with admin/admin)
http://agcontrollerdemo-sblanc.rhcloud.com/aerogear-controller-demo
(
http://agcontrollerdemo-sblanc.rhcloud.com/aerogear-controller-demo/admin)
This demo show the usage of 2 different types of roles :
- Simple user can just login/register.
+1
- Admin can register other users and see a list of registerd users.
I'd suggest nothing huge, but admin could be able to add/remove users.
When diving into AG-Security, here are some remarks that we can discuss on this thread :
- The current API is very lean : login, logout, grant
That's the idea, keep it clean.
- For the demo, I've added a new method getAuthenticatedUsers() but what about adding
some others methods to be able to do some CRUD action :
* getUser
* deleteUser
* updateUser
Might be a good idea or another alternative could be just expose the provider via
WhateverClass and let our developers do it by yourselves. From API usability perspective
I'm not sure what is our best alternative.
I'm +1 for prototype the API and post the suggestions here.
I'm also missing a method to retrieve the role of a user, so just a simple : getRole
In which scenario do we need it?
I've also another remark : when registering a new user, we put him by default in a
group called "default user group", maybe we want to make it a bit more flexible
by providing a group ?
+1
Questions and remarks are welcome !
Seb
Feel free to gist your proposal or send PRs.
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org (mailto:aerogear-dev@lists.jboss.org)
https://lists.jboss.org/mailman/listinfo/aerogear-dev