[jboss-dev-forums] [Design of Security on JBoss] - Re: SecurityContext
scott.stark@jboss.org
do-not-reply at jboss.com
Thu Aug 31 00:25:43 EDT 2006
A trust decision can involve outside server calls, the same as an authentication decision, but the context is likely missing proof of identity. Rather there is a statement of identity and maybe some attributes along with it. SSO is really a trust decision as opposed to an authentication. Maybe there can be a single trust/authentication spi. Flesh it out with some mocked up test cases of usage we need to support.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3968519#3968519
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3968519
More information about the jboss-dev-forums
mailing list