Requirement | Acegi |
|---|
Cannot just get a String, need to be able interrogate type of token.
- User = SecuritygetCurrent
- getType () (i.e. Kerberos, MIT ID, email address, Alumni ID, etc)
- convertTo (type) - allows programmer to convert between supported types
Service layer access to authenticated user without having it explicitly passed in each call* - A way to do machine to machine authentication (or app to app authentication)* - An ability to invoke service method on behalf of a named business user
|
|
Ability to impersonate another for testing just within a particular application
- Grant Impersonate to X for application Y
- UI to let X type in user Z to impersonate them
- The above methods for getCurrentUser () must return
|
|
Below are the documents that came out of the GASP/ISDA meetings:
...