Hi All, I wanted to share some of my thoughts on the security module work ( https://github.com/sbryzak/DeltaSpike/tree/security/) championed by Shane.
1) Is it be possible to have the IDM API/SPI as a standalone jar such that oss projects outside of Deltaspike intending to have an IDM implementation do not need the entire DS security stack? In my view the security module can definitely be viewed as IDM and Non-IDM 2) The User type does not seem to store binary data about the user - such as OTP tokens, X509 certificates etc. These can be stored/retrieved from Identity Stores (both DB and LDAP). The Identity Model (primarily the User type) should be able to help store things such as "Questions/Answers for password retrieval", "Pictures displayed during login". I think the User type having facilities to store binary attributes would suffice for this. 3) Rename the IDM User class to UserType. It will confuse everyone with the API level User class (that is used for credential based authentication). Regards, Anil [email protected]
