Saturday, September 16, 2006

Container Managed Security part 2 : exploring users and roles

I've gone through the JAAS docs again, and apparently there is no standard API for exploring the users and roles "database" :-/

This is similar with Acegi... You can, from a user principal, get a list of "roles" (bottom-up), but you can't get a list of all roles, get all the users in a given role, etc. (I have posted a question on the Acegi forum but got no answer).

Last but not least, realms have to be configured at the App Server level, and so it's not portable from one container to another...

All this just sucks! Not only is the roles/users structure flat, but you also can't get the information in a standard way!
Man, maybe I should propose the Profile Repository concept to the JCP ;-P

So, for using facets with CMS, one has to implement a specific Profile Repository from scratch, that relies on one's own stuff...

Today I'll try to work on a base class that already implements most of the stuff for managing Users and Roles, with a higher abstraction level than the base IProfileRepository interface. This should allow easier implementation of the Profile Repository.

This base class will be used for testing with regular CMS (e.g. JAAS Login Module in Tomcat) and Acegi (custom UserDetailsService).

If testing is successful, I'll include the CMS stuff in 1.3.
