Versions Compared

Old Version 7

changes.mady.by.user Gerhard Petracek

Saved on

compared with

New Version 8

changes.mady.by.user Gerhard Petracek

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Feature

Comments

Objections

Discussion finished

Support of alternative authentication concepts

Extend the Authentication SPI

 

 

Integration with authentication concepts of (application-) servers

Extend the Authentication SPI

 

 

Personalization

 

 

 

Alternatives for roles/groups

 

 

 

Permission for external applications

 

 

 

Ongoing discussions

API

Identity

Session scoped result of the authentication process.

Code Block

public interface Identity extends Serializable
{
    public enum AuthenticationResult
    {
        success, failed, exception //TODO discuss upper- or lower-case
    }
    
    boolean isLoggedIn();

    User getUser();

    AuthenticationResult login();

    void logout();
}

User

Code Block

@Typed()
public class User implements Serializable
{
    private static final long serialVersionUID = -2234530384311026364L;

    private String id;

    public User()
    {
    }

    public User(String id)
    {
        this.id = id;
    }

    public String getId()
    {
        return id;
    }

    public void setId(String id)
    {
        this.id = id;
    }
}

Credential

Code Block

public interface Credential<T>
{
    T getValue();
}

LoginCredential (former Credentials)

Request scoped holder for the authentication process.

Code Block

public interface LoginCredential
{
    User getUser();

    Credential getCredential();

    void setCredential(Credential credential);

    void invalidate();
}

AuthenticatorSelector

Code Block

public interface AuthenticatorSelector
{
    Class<? extends Authenticator> getAuthenticatorClass();

    void setAuthenticatorClass(Class<? extends Authenticator> authenticatorClass);

    String getAuthenticatorName();

    void setAuthenticatorName(String authenticatorName);
    
    Authenticator getSelectedAuthenticator();
}

Authenticator

Code Block

public interface Authenticator
{
    public enum AuthenticationStatus 
    {
        SUCCESS, 
        FAILURE, 
        DEFERRED
    }

    void authenticate();

    void postAuthenticate();

    AuthenticationStatus getStatus();

    User getUser();
}
Code Block

public abstract class BaseAuthenticator implements Authenticator
{
    private AuthenticationStatus status;
    
    public AuthenticationStatus getStatus()
    {
        return status;
    }

    protected void setStatus(AuthenticationStatus status)
    {
        this.status = status;
    }

    public void postAuthenticate()
    {
        // No-op, override if any post-authentication processing is required.
    }
}

Use-cases

Authentication

Scenario

...