| RE: [higgins-dev] JAAS Scenario |
|
OK, so based upon the response, looks like there may be a RCP tie here and there may not. So adding RCP adds to the adds to the mix. As there would need to be a framework to bridge core JAAS and the Eclipse RCP. I see. The benefits being the ability to provided login configurations and login modules in plugins(bundles), more easily contribute login modules, add a series of login events to the RCP, and provide the concept of a "platform" login to the RCP. Yes. So I believe that the IBM RCP team has done the above but has not contributed it to RCP project yet. So how important is RCP ? The Eclipse community seems to feel some great urgency about adding some kind of “platform” login to the RCP as you say. So I agree that we should add a JAAS/PAM box parallel level to “Other RCP Apps” or just as another box for "Java Applications" So there could be two boxes: “JAAS/RCP” and “Java Apps”, is that right? My team owns the JAAS code for the JDK so we could help out here, I just need to understand the scenario but the scenario I see is the following: browser->web application server->jaas login module->create jaas subject (context)-> create jaas principal (digital subject) -> call higgings to populate the principal objects (HTags) I can’t quite tell at this level of detail. Seems reasonable.
So one of
the scenarios that comes up is the integration of JAAS with Higgins, so JAAS
has the notion of LoginModules, these modules are responsible for creating
Subject and Principal objects and maybe Credential objects based upon the
authentication. So is the driving force being able to use JAAS to wrapper HTags
or something else ? |
"Paul
Trevithick" <paul@xxxxxxxxxxxxxxxxx>
