Versions Compared

Old Version 7

changes.mady.by.user Norman J Wright

Saved on

compared with

New Version 8

changes.mady.by.user Norman J Wright

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Cannot just get a String, need to be able interrogate type of token.
    1. User user = securityMgr.getCurrentUser ();
    2. user.getType (); (i.e. Kerberos, MIT ID, email address, Alumni ID, etc)
    3. user.convertTo (type); - allows programmer to convert between supported types
  2. Service layer access to authenticated user without having it explicitly passed in each call
    1. i.e. User user = securityMgr.getCurrentUser (); works on service layer just as it does on the web tier
    2. A way to do machine to machine authentication (or app to app authentication)
    3. An ability to invoke service method on behalf of a named business user
  3. Ability to impersonate another for testing just within a particular application
    1. Grant Impersonate to X for application Y
    2. UI to let X type in user Z to impersonate them within the rest of the application
    3. User user = securityMgr.getCurrentUser (); // must return Z
    4. User user = securityMgr.getTrueUser (); // optional to return X

Authorization requirements

...