[security-dev] DeltaSpike, IDM, Authentication and Authorization

Bruno Oliveira bruno at abstractj.org
Mon Jul 30 14:40:55 EDT 2012 

Hi, some few open questions inline.

On Friday, July 27, 2012 at 1:35 PM, Pete Muir wrote:

> 
> Authentication
> -------------------
> 
> 

Which IDM domain model should I use, picketlink idm or DeltaSpike? I might be wrong, but probably those entities belongs to the IDM?  
> 
> https://github.com/apache/incubator-deltaspike/blob/5e4a7eb4de01004206f24ae22b9850e643bffe54/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/Identity.java
> 
> This contains methods to log in, log out, get the current user, and check if a user is logged in or not. In order to log in/log out, a LoginCredential is provided:
How do they fit together? 

-> https://github.com/picketlink/picketlink-idm/blob/master/picketlink-idm-api/src/main/java/org/picketlink/idm/api/Credential.java

-> https://github.com/apache/incubator-deltaspike/blob/5e4a7eb4de01004206f24ae22b9850e643bffe54/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/credential/Credential.java
> 
> https://github.com/apache/incubator-deltaspike/blob/5e4a7eb4de01004206f24ae22b9850e643bffe54/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/credential/LoginCredential.java
> 
> We also have a very basic representation of a user, which contains some unique identifier for the user:
> 
> https://github.com/apache/incubator-deltaspike/blob/5e4a7eb4de01004206f24ae22b9850e643bffe54/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/User.java
> 
> This isn't useful on it's own of course, but would plug into whatever IDM solution you happen to use. In our case PicketLink IDM.
Why not make use of same entity model from PicketLink IDM? https://github.com/picketlink/picketlink-idm/blob/master/picketlink-idm-api/src/main/java/org/picketlink/idm/api/User.java. Or create some level of abstraction like that.

How do I extend the User class to include a token and the email attribute?

- Bruno


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/security-dev/attachments/20120730/8f018c29/attachment-0001.html

More information about the security-dev mailing list