[
https://issues.apache.org/jira/browse/CLEREZZA-481?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13014453#comment-13014453
]
Henry Story commented on CLEREZZA-481:
--------------------------------------
I implemented the above and it works very well.
> AuthenticationMethod.authenticate(Request request) return Subject
> -----------------------------------------------------------------
>
> Key: CLEREZZA-481
> URL: https://issues.apache.org/jira/browse/CLEREZZA-481
> Project: Clerezza
> Issue Type: Improvement
> Reporter: Henry Story
>
> currently AuthenticationMethod.authenticate(Request request) returns String
> It would make more sense if it could return a Subject [1]. This would allow
> the object returned to be a lot richer. For example
> (a) A Subject can contain a number of credentials and a number of
> Principals. In the WebId with an X509 certificate continaing a number of
> Subject Alternative Names a subject could contain a number of WebID
> Principals. Some WebIDs might take time to be verified, so they could appear
> in the Subject at a later time.
> (b) A Subject can also contain credentials. In fact X509 certificates
> should be the prototypical public credential.
> (c) Credentials can be any object, but clearly one could wrap an
> X509certificate in a class with an isCurrent() method to test if the
> certificate is still valid. It would also allow X509certs to be destroyed,
> which could then perhaps throw TLS exceptions... to be looked into.
> 1]
> http://download.oracle.com/javase/6/docs/technotes/guides/security/jaas/JAASRefGuide.html#Subject
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
