Hello Guillaume,
On May 27, 2009, at 11:20 , Guillaume Nodet wrote:
Right, I think there is a real need to support UserAdmin, but given
both JAAS and UserAdmin will be used for the same thing, it should be
easy to support both using a simple interface:
public interface WebConsoleSecurityProvider {
/** Check if the user with the specified password exists and
return an object identifying the user, else throw an exception */
public Object authenticate(String username, String password)
throws SecurityException;
/** Check that the authenticated user has the given role
permission or throw an exception */
public void authorize(Object user, String role) throws
SecurityException;
}
Imho, this should be sufficient to provide authentication and
authorization for the web console and can be easily implemented using
UserAdmin or JAAS.
To be honest, UserAdmin already is an interface which abstracts from
an implementation, so I don't really see a need to add another
interface to abstract from that. Having a JAAS backend for UserAdmin
would be nice too since that would be usable in a much broader context.
Greetings, Marcel
