On May 27, 2009, at 12:11 , Guillaume Nodet wrote:
I don't think having a UserAdmin delegating to JAAS could work because JAAS does not provide anything about modifying the underlying storage for creating / removing users or groups. UserAdmin provides such features, so I think it has to be to other way around: it should be quite easy to implement a JAAS login module that delegates to UserAdmin.
I appearantly don't know JAAS well enough, that's a good point. Also, the compendium spec (107.7) talks a bit about JAAS and UserAdmin, that might be worth having a look at.
Given I don't think requiring JAAS is a good idea, that's why I proposed such a simple API.
Ok.
I don't really see any drawback to such a pluggable mechanism, as I think it can be implemented for both JAAS and UserAdmin in a few lines of code: [snip..]
It's not a big drawback, I agree. I still have a small preference for using UserAdmin as the basis (even if you cannot implement any of the methods that modify things using JAAS) but a small extra interface is okay too.
Greetings, Marcel
