Please add me as a vote for 'Caller' - generally my main priority would
be to avoid a word that leads to an assumption the remote 'thing' is human.
Regards,
Darran Lofthouse.
On 18/06/15 22:28, arjan tijms wrote:
> Hi,
>
> Another concept for which there are different terms in use is what we
> often call using simple language the "logged-in user", and with some
> more formal language sometimes the "authenticated/authentication identity".
>
> Next to the logged-in/authentication user/identity, there's another
> variant; the run-as user/identity.
>
> In Java EE there's one extra step even. Various API methods return a
> single principal from the user/identity called the "user principal" or
> the "caller principal".
>
> To put these terms somewhat in context, consider the following sentence
> from the JASPIC spec, B.1:
>
> "When the authentication identity is provided to the container as a bag
> of principals in a Subject, the container needs some way to recognize
> which of the principals in the subject should be returned as the caller
> or user Principal."
>
> Now it's this last term that's specifically problematic in Java EE
> "caller or user principal".
> https://java.net/jira/browse/JAVAEE_SECURITY_SPEC-2 shows that various
> APIs in Java EE use either "caller" or "principal" now.
>
> For this issue I'd like to ask you again to vote for a term, or propose
> a new term. Again, it's a non-binding vote of course and to establish a
> working term. As the previous vote ran for a long time, I'd like to set
> this vote to *2 weeks*.
>
> The list of terms is currently the following:
>
> 1. user (principal)
> 2. caller (principal)
> 3. ???
>
> Pedro already expressed a preference for "caller" in the issue, which is
> my preference as well (but consistency is my top concern).
>
> So we now have
>
> 2 out of 14 voted:
>
> Pedro Igor: caller
> Arjan Tijms: caller
>
> Kind regards,
> Arjan Tijms