[
https://issues.apache.org/jira/browse/CLEREZZA-515?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13037546#comment-13037546
]
Henry Story commented on CLEREZZA-515:
--------------------------------------
> why should WebIDTester be changed
because I moved the class WebIdPrincipal that was in Scala and in the
foafssl.core package to platform security. Since the tester used the
WebIDPrincipal, it was re factored to use the new Java one which has a getter.
So why do we need a WebID principal? Because just as the principal definition
shows in the official javadoc there are completely different things: a social
security number principal is not a user name principal, is not an openid
principal, etc... Ie: they should not be used by an authentication system in
the same way. A social security principal for example in a traditional app
would go to the Social Security column in an employee table.
http://download.oracle.com/javase/6/docs/technotes/guides/security/jgss/tutorials/glossary.html
This cannot be seen by looking at the String returned by the principal, unless
those are forced to follow a specific URL like syntax. It is better for this to
be indicated by the class type.
> just fo another property to be shown
The point is to allow people to authenticate with WebID without giving them an
account. Currently the only thing that made sense was to show the account name
in the login panel. What WebID authentication did was create a fake account
name to satisfy existing code's need to do everything in terms of account
names. These patches make things a lot more flexible, allowing people to be
identified by their OpenID only, or by facebook connect, etc... No need to
force everything into account names.
It is quite possible of course to put the name in the system graph and get it
from there. I am ok with variations. The point of this patch was to show how
one can do authentication without account names, in a manner that is much more
open to future improvements.
> ugly account name when logging into ZZ with a foreign WebID
> -----------------------------------------------------------
>
> Key: CLEREZZA-515
> URL: https://issues.apache.org/jira/browse/CLEREZZA-515
> Project: Clerezza
> Issue Type: Bug
> Reporter: Henry Story
>
> When loggin in with my WebID http://bblfish.net/people/henry/card#me I get a
> login name
> http___bblfish.net_people_henry_card_me
> that is really ugly, and does not fit on the top page. It is not even
> guaranteed to be unique, so that it could
> lead to acces control issues.
> The server should try to display a name that is good looking, perhaps the
> person first name, last name, or
> nickname found in the profile document. What if none of those exist? Would a
> short automatically created name
> not be better? Any ideas?
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
