[security-dev] DeltaSpike, IDM, Authentication and Authorization

Bruno Oliveira abstractj at redhat.com
Tue Jul 31 09:56:37 EDT 2012 

+100000 

I saw that https://github.com/apache/incubator-deltaspike/commit/79b067158335d743b28fcefa80b91c10ec6bce2a 


-- Bruno


On Tuesday, July 31, 2012 at 10:54 AM, Pete Muir wrote:

> 
> On 30 Jul 2012, at 23:15, Shane Bryzak wrote:
> 
> > On 31/07/12 04:40, Bruno Oliveira wrote:
> > > Hi, some few open questions inline.
> > > On Friday, July 27, 2012 at 1:35 PM, Pete Muir wrote:
> > > 
> > > > 
> > > > Authentication
> > > > -------------------
> > > > 
> > > 
> > > Which IDM domain model should I use, picketlink idm or DeltaSpike? I might be wrong, but probably those entities belongs to the IDM? 
> > > 
> > 
> > 
> 
> 
> As Shane said, DS IDM is no more.
> 
> > > > https://github.com/apache/incubator-deltaspike/blob/5e4a7eb4de01004206f24ae22b9850e643bffe54/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/Identity.java
> > > > 
> > > > This contains methods to log in, log out, get the current user, and check if a user is logged in or not. In order to log in/log out, a LoginCredential is provided:
> > > How do they fit together? 
> > > 
> > > -> https://github.com/picketlink/picketlink-idm/blob/master/picketlink-idm-api/src/main/java/org/picketlink/idm/api/Credential.java
> > > 
> > > -> https://github.com/apache/incubator-deltaspike/blob/5e4a7eb4de01004206f24ae22b9850e643bffe54/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/credential/Credential.java
> 
> 
> > > > 
> > > > https://github.com/apache/incubator-deltaspike/blob/5e4a7eb4de01004206f24ae22b9850e643bffe54/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/credential/LoginCredential.java
> > > > 
> > > > We also have a very basic representation of a user, which contains some unique identifier for the user:
> > > > 
> > > > https://github.com/apache/incubator-deltaspike/blob/5e4a7eb4de01004206f24ae22b9850e643bffe54/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/User.java
> > > > 
> > > > This isn't useful on it's own of course, but would plug into whatever IDM solution you happen to use. In our case PicketLink IDM.
> > > Why not make use of same entity model from PicketLink IDM? https://github.com/picketlink/picketlink-idm/blob/master/picketlink-idm-api/src/main/java/org/picketlink/idm/api/User.java. Or create some level of abstraction like that.
> > > 
> > > How do I extend the User class to include a token and the email attribute?
> > 
> > All of this has been removed from DeltaSpike for now, and while the plan is to eventually add a simple authentication API (I'm not sure why we couldn't just use the one we already had) I don't think we can depend on this for now, so I'll be re-implementing all of it again in the PicketLink CDI module.
> 
> We should try to use the DS stuff if possible. Once 0.3 is out, let's push to get this added into DS.
> 
> If not, we do it in Picket, I agree.
> 
> > 
> > Shane
> > 
> > > 
> > > - Bruno
> > > 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/security-dev/attachments/20120731/897236a4/attachment-0001.html

More information about the security-dev mailing list