0 Replies Latest reply on Jan 21, 2009 10:35 PM by Daniel Wachter


    Daniel Wachter Newbie

      Hello seam users!

      I'm currently test the implementation of the new seam security features, namely the IdentityStore.
      After reading the documents and fiddle arround with the IdentityStore I now have some questions:

      1.) Is it correct, that I can use the Permission (with Entity) only in combination with
          the IdentityStore?

      2.) I'm not sure, if the IdentityStore can really satisfie the needs of a user authorisation...
          I think, the idea with the IdentityStore is pretty cool, because I can develop my app
          against an API! But, what If I need more then only a authorisation? If I wanna store the user
          credentials, for a some objects a user creates. (for example a new memo entry of a user)

          If I make my auth against a ldap, I don't have any user objects in my app to store.
          What is the correct approach, the idea of such a scenario?

      3.) In my app I have a table for the users. (I use the JPAIdentityStore)
          If I load the user from the table (with the IdentityManager to get the current user)
          I have a real user object. Is that a bad idea to use the IdentityStore?

      I hope I'm not confusing you with my long questions...
      But I wanna use the seam security components, and I will use it the correct way!
      Thank you