My
understanding of JAAS is shallow. I think we need to create a LoginContext that
sits above Higgins API as a client. Then, we need to create a root context
provider impl that uses the JAAS KeyStore. After that things get really fuzzy
for me. I pinged one of the Lotus Workspace folks who knows JAAS to ask if he’d
help us think this through but I didn’t hear back. I guess in a sense we
would be using a JAAS LoginContext to wrap Higgins that in turn contained
H-Tags. Must learn JAAS better. I did realize one thing the other day: I think we
should add a JAAS LoginContext box to this picture: http://spwiki.editme.com/ArchitectureM4
at a parallel level to “Other RCP Apps”.
So one of
the scenarios that comes up is the integration of JAAS with Higgins, so JAAS
has the notion of LoginModules, these modules are responsible for creating
Subject and Principal objects and maybe Credential objects based upon the
authentication. So is the driving force being able to use JAAS to wrapper HTags
or something else ?
Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122