On Mon, Aug 25, 2008 at 12:21 PM, Allen Gilliland <[EMAIL PROTECTED]> wrote: > What's the use case that requires you to need the username?
What I'd like to is to serve a profile page for each user and I was hoping for a nice clean URL. Whether I did this via page templates or a new action/JSP, I still need a unique identifier for the URL. > The reason we blocked access to that field is for security reasons. The > account username/password fields should be known only to their user and only > be used for authentication. For everything else we should be using other > fields IMO. Yes, I see your point. Especially since some sites use email address for user name. > If you need something that uniquely identifies the user then we should use > either the userId (user.getId()), which is used by the data store, or add > some kind of other public version of the userId which is meant for sharing. I'm not a big fan of exposing database IDs or adding yet another identifier. We already have these: username: unique and unchanging ID for user screenname: non-unique and changeable name for user Adding another might be too confusing. - Dave
