Agreed API

  • @Secured
  • @SecurityBindingType
  • AccessDecisionVoter
  • SecurityStrategy

API under discussion

Part 1

| Feature | Comments | Objections | Discussion finished |
|---|---|---|---|
| Login via Username/Password | | | |
| Logout | | | |
| Authentication API and SPI | Credentials vs Credential (one of them needs a better name) | | |
| Duration of a valid authentication | ExpirationEvaluator SPI | | |
| Basic User/Identity API | | | |

Part 2

| Feature | Comments | Objections | Discussion finished |
|---|---|---|---|
| Object level permission | | | |
| Basic Roles and groups API | optional type-safe (-> static) groups (and roles) | | |
| @SecurityMethodBinding | | | |
| Super-users | | | |
| User/Identity management | | | |
| Group management | optional support for type-safe groups/group-types | | |

Part 3

| Feature | Comments | Objections | Discussion finished |
|---|---|---|---|
| Support for deputies (see Impersonalization) | | | |
| Privileges concept | | | |
| Grant or revoke permissions | | | |
| UI SPI (Component based authorization) | add optional type-safe authorization; integration with JSF | | |
| Permissions of resources | Merge with CODI view-configs,... | | |
| Persistence SPI | integration with JPA | | |
| Identity Store SPI | | | |
| Query API | | | |
| Application roles | | | |

Part 4

| Feature | Comments | Objections | Discussion finished |
|---|---|---|---|
| Support of alternative authentication concepts | Extend the Authentication SPI | | |
| Integration with authentication concepts of (application-) servers | Extend the Authentication SPI | | |
| Personalization | | | |
| Alternatives for roles/groups | | | |
| Permission for external applications | | | |

Use-cases

Authentication

Scenario

...