Yeah, I think that attributes can handle that kind of thing.
----- Original Message -----
From: "Anil Saldhana" <asaldhan(a)redhat.com>
To: "Pedro Igor Silva" <psilva(a)redhat.com>
Cc: security-dev(a)lists.jboss.org
Sent: Friday, December 7, 2012 8:25:15 PM
Subject: Re: [security-dev] IDM: REST API
Can we just not use the attributes on the User? Such as "otherNames" to
identify the different usernames, he may have used?
SCIM comes into picture wherein one cloud provider/service wants to create accounts for
users in the other cloud provider/service. Some trust agreements have to be in place
between the two cloud providers.
----- Original Message -----
From: "Pedro Igor Silva" <psilva(a)redhat.com>
To: "Anil Saldhana" <anil.saldhana(a)redhat.com>
Cc: security-dev(a)lists.jboss.org
Sent: Friday, December 7, 2012 4:15:00 PM
Subject: Re: [security-dev] IDM: REST API
They use a id/externalId/userName to identify users. Not sure if we have that in PL.
Maybe this is a important thing to consider given that:
* User can have different identifiers (eg.: username) for each cloud application. How
we know that a specific username maps to a single person ?
* During the authentication each application may require one of the user's
identifier.
Let's get the following example:
* John is a person. For application A he is using a username "john". For
application B he is using "john2012".
This solution can be very important when *auditing* user actions. That way we can map
different identifiers to a single person. Considering a cloud and heterogeneous
environment.
Regards.
Pedro Igor
----- Original Message -----
From: "Anil Saldhana" <asaldhan(a)redhat.com>
To: security-dev(a)lists.jboss.org
Sent: Friday, December 7, 2012 6:53:46 PM
Subject: [security-dev] IDM: REST API
http://www.simplecloud.info/
SCIM is very popular for user provisioning using REST.
_______________________________________________
security-dev mailing list
security-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/security-dev