[jboss-dev-forums] [Design of Security on JBoss] - Re: SecurityContext
scott.stark@jboss.org
do-not-reply at jboss.com
Wed Aug 30 13:26:59 EDT 2006
The trust spi needs to support the mapping of one identity to another. SPENGO is an example of a full authentication sequence, not a trust decision. When I think of a trust spi, I'm thinking of having an identity/subject from one authentication domain and I need to map it to the current domain. Currently you have to have the full authentication info for the target domain. A trust spi allows one to query if and what the target domain identity is without performing full reauthentication.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3968441#3968441
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3968441
More information about the jboss-dev-forums
mailing list