Arjan,
*Caller* for me, as User refers to much to a human on the other side (and
we have also processes)
regards
Rudy
On 18 June 2015 at 23:28, arjan tijms <arjan.tijms_at_gmail.com> wrote:
> Hi,
>
> Another concept for which there are different terms in use is what we
> often call using simple language the "logged-in user", and with some more
> formal language sometimes the "authenticated/authentication identity".
>
> Next to the logged-in/authentication user/identity, there's another
> variant; the run-as user/identity.
>
> In Java EE there's one extra step even. Various API methods return a
> single principal from the user/identity called the "user principal" or the
> "caller principal".
>
> To put these terms somewhat in context, consider the following sentence
> from the JASPIC spec, B.1:
>
> "When the authentication identity is provided to the container as a bag of
> principals in a Subject, the container needs some way to recognize which of
> the principals in the subject should be returned as the caller or user
> Principal."
>
> Now it's this last term that's specifically problematic in Java EE "caller
> or user principal". https://java.net/jira/browse/JAVAEE_SECURITY_SPEC-2
> shows that various APIs in Java EE use either "caller" or "principal" now.
>
> For this issue I'd like to ask you again to vote for a term, or propose a
> new term. Again, it's a non-binding vote of course and to establish a
> working term. As the previous vote ran for a long time, I'd like to set
> this vote to *2 weeks*.
>
> The list of terms is currently the following:
>
> 1. user (principal)
> 2. caller (principal)
> 3. ???
>
> Pedro already expressed a preference for "caller" in the issue, which is
> my preference as well (but consistency is my top concern).
>
> So we now have
>
> 2 out of 14 voted:
>
> Pedro Igor: caller
> Arjan Tijms: caller
>
> Kind regards,
> Arjan Tijms
>
>
>
>
>
>