0 Replies Latest reply on Jan 21, 2009 10:35 PM by wachtda.scsi.gmx.ch

    IdentityStore

    wachtda.scsi.gmx.ch
    wachtda.scsi.gmx.ch Jan 21, 2009 10:35 PM

      Hello seam users!


      I'm currently test the implementation of the new seam security features, namely the IdentityStore.
      After reading the documents and fiddle arround with the IdentityStore I now have some questions:


      1.) Is it correct, that I can use the Permission (with Entity) only in combination with
          the IdentityStore?


      2.) I'm not sure, if the IdentityStore can really satisfie the needs of a user authorisation...
          I think, the idea with the IdentityStore is pretty cool, because I can develop my app
          against an API! But, what If I need more then only a authorisation? If I wanna store the user
          credentials, for a some objects a user creates. (for example a new memo entry of a user)


          If I make my auth against a ldap, I don't have any user objects in my app to store.
          What is the correct approach, the idea of such a scenario?


      3.) In my app I have a table for the users. (I use the JPAIdentityStore)
          If I load the user from the table (with the IdentityManager to get the current user)
          I have a real user object. Is that a bad idea to use the IdentityStore?


      I hope I'm not confusing you with my long questions...
      But I wanna use the seam security components, and I will use it the correct way!
      Thank you