Opportunitities for Enhanced AAA for Lenya

Status of this document: RT (Random Thought)


At this point in time (between the release of 1.2.2 and 2.0) Lenya uses an entirely home grown AAA (read: triple-A, Authentication and Authorization), which is basically based on all AAA relevant information stored in files on the filesystem. For a walkthrough see [AuthenticationAndAuthorizationBackgrounder].

This leaves a lot of room for improvement to meet very different people's and organisations needs.

Potential enhancements

  • JAAS
  • Container Managed Security
  • Single-Sign-On solutions
  • No labels