Hello-
I am building an application that needs a user model, but the
authentication may be elsewhere (LDAP whatever) -- is there any advice
on the best way to design this?
Say I have a user class User, and store info like name, email, list of
"favorites", etc, etc. Consider the case where the user
authenticates successfully on an LDAP server, but that user does not
exist in my local database: are there any suggested models for where
to trigger creating a new User class? Perhaps I need to extend a
SecurityManager and then make Users on #createSubject() -- perhaps a
wrapper Realm that creates a user on successful login. Are there an
general practices people use?
Another question is if the User should be attached to the Subject
somehow. Alternatively, Subject#getPrincipal() could be used to grab
the User class whenever it is needed.
Any advice would be great. I'll do my best to distill any best
practices in the wicketstuff example apps.
Thanks again
ryan
- User model with configurable authentication? Ryan McKinley
-
