On 9/23/11 12:34 PM, Bill Burke wrote:
On 9/23/11 12:24 PM, Anil Saldhana wrote:
> On 09/23/2011 09:02 AM, Bill Burke wrote:
>> I want to talk about where app-developers want to security metadata,
>> how, and what the format is.
>>
>> I've already discussed a bit of the types of information that needs to
>> be stored:
>>
>> - username/password
>> - keypairs
>> - JPG images
>> - TOTP keys
>> - nonces
>> - Tokens
> These will be attributes pertaining to an user and generated for an
> user? So basically, we are looking at a simple identity store that has
> Identity/Attributes mapping. Look at picketlink IDM.
>
http://anonsvn.jboss.org/repos/picketlink/idm/
>
Needs better integration with AS. From what I saw, its a lot of
configuration just to set it up.
What I'm saying is that it should be embedded within AS7. Having it as
a separate process is just repetitive work. The current plugins
(user/roles/passwords) need to be rewritten to use this store. That way
you have every authentication type using the same storage instead of the
mish-mash hack, band-aid stuff we have currently (i.e. the totp plugin
which can only use property files).
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com