users@javaee-security-spec.java.net

[javaee-security-spec users] [jsr375-experts] Re: Agenda for EG Meeting, 2017/04/07

From: Rudy De Busscher <rdebusscher_at_gmail.com>
Date: Sat, 8 Apr 2017 10:39:04 +0200

Hi Arjan,

The meeting was ended shortly after your connection broke up.

The question was to use also CredentialValidationResult with this method of
IdentityStore

*List<String> getGroupsByCallerPrincipal(CallerPrincipal callerPrincipal)*

In order to add additional information to it so that the IdentityStore has
more information about the Caller which was authenticated so that it can
retrieve the groups of the *correct person*

best regards

Rudy




On 7 April 2017 at 22:29, arjan tijms <arjan.tijms_at_gmail.com> wrote:

> Hi,
>
> I just lost the connection totally too, but probably because it was
> automatically ended by the time limit set.
>
> Oh well, good things were discussed. Perhaps we should have had those
> meetings on a regular basis some time ago, but what's done is done.
>
> Last point of discussion was the CredentialValidationResult that should be
> passed around, but actually this already is. Or maybe I understood the
> question not correctly.
>
> But if you look at the handler, then the main loop is this:
>
> CredentialValidationResult validationResult = null;
>
> // Check stores to authenticate until one succeeds.
> for (IdentityStore authenticationIdentityStore :
> authenticationIdentityStores) {
> validationResult = authenticationIdentityStore.
> validate(credential);
> if (validationResult.getStatus() == VALID) {
> break;
> }
> }
>
>
> This makes its decision based on CredentialValidationResult above
> anything else. But again, maybe I understood incorrectly.
>
> Kind regards,
> Arjan Tijms
>
>
>
>
>
>
> On Fri, Apr 7, 2017 at 10:05 PM, Werner Keil <werner.keil_at_gmail.com>
> wrote:
>
>> Hi,
>>
>> Looks like I totally lost the connection, Wifi keeps breaking down. I
>> might try again, otherwise hope next week it will be more stable... So far
>> it was OK here.
>>
>> Werner
>>
>> On Fri, Apr 7, 2017 at 8:21 PM, Werner Keil <werner.keil_at_gmail.com>
>> wrote:
>>
>>> Hi Sorry to be late, where is the Zoom URL?
>>>
>>> Werner Keil | JCP Executive Committee Member, JSR 363 Maintenance Lead
>>> | Eclipse UOMo Lead, Babel Language Champion | Apache Committer
>>>
>>> Twitter @wernerkeil | @UnitAPI | @JSR354 | @AgoravaProj | @TamayaConf |
>>> @OpenDDR | #EclipseUOMo
>>> Skype werner.keil <http://gplus.to/wernerkeil>
>>>
>>>
>>>
>>> On Fri, Apr 7, 2017 at 7:40 PM, Will Hopkins <will.hopkins_at_oracle.com>
>>> wrote:
>>>
>>>> Agenda:
>>>>
>>>> -- JavaOne talks (Werner):
>>>> -- I think this is a good idea. Willing to present myself, or with
>>>> others from the EG. Having a single session makes sense to me, don't know
>>>> what sort would be best -- maybe BOF? Not sure whether Oracle has a
>>>> separate internal CFP with different deadlines, looking into it now.
>>>>
>>>> -- Glassfish security guide (Werner):
>>>> -- I believe the Oracle doc team will update this with relevant
>>>> information.
>>>>
>>>> -- Build issues (Arjan):
>>>> -- pushing out the api artefact to bintray
>>>> -- pushing milestones (also) to maven central
>>>> -- testing the builds
>>>>
>>>> -- Spec/API issues (Arjan):
>>>> -- checking the source (specifically api) adjusting where needed
>>>> -- (will) need to review RI too, for functionality not in API
>>>> -- any new features still? Events, @Authorized, ... ?
>>>>
>>>> -- Process (Will):
>>>> -- Very little time left in the schedule, need to work efficiently
>>>> -- Regular meetings (same time each week)?
>>>> -- GitHub issues vs. JIRA?
>>>> -- Process/tools for doc review?
>>>>
>>>> -- Doc Review (Will):
>>>> -- Walk through EDR1 draft addressing open issues
>>>>
>>>> -- Other Business?
>>>>
>>>> --
>>>> Will Hopkins | WebLogic Security Architect | +1.781.442.0310 <+1%20781-442-0310>
>>>> Oracle Application Development
>>>> 35 Network Drive, Burlington, MA 01803
>>>>
>>>>
>>>
>>
>