Hi,
With regards to the API of JSR 375, perhaps it's not a bad idea to do some
polishing of what we have now before continuing on?
There's some small things like naming, i.e. I noticed we have
a LDapIdentityStore now. Note the "LDap", we should probably refer to it as
"LDAP" consistently.
There's also a ton of methods
in javax.security.authentication.mechanism.http.HttpMessageContext that
could do with some review.
Something like javax.security.CallerPrincipal may need an equals and
hashcode method, etc, etc.
Kind regards,
Arjan Tijms