On Jan 30, 2006, at 3:42 PM, Dain Sundstrom wrote:
On Jan 30, 2006, at 11:49 AM, Simon wrote:
public interface ILoginService {
No "I"s on interface names please
agreed, I forgot to mention this.
I agree with you that the default principal and run-as principals
should be
authenticated on application start-up; (That was my thinking as well)
Why would we need to authenticate the default and run-as
principals? Aren't they just object we create?
I was initially surprised at this idea and certainly want more
comments. Also, they are Subjects IIUC not Principals. However,
after thinking about it a bit more I think this is a good idea
because it puts all the access decisions in the same system. So, if
you are administering the login info and what principals get assigned
to each user, you also in the same way administer what principals get
assigned to the default user(s).
I guess it has the odd effect that you can log in as the default
user, only explicitly :-)
thanks
david jencks
-dain