After sending the email I realized that we just need string-based attribute storage, since binary stuff can be base64 encoded. There are string attributes/values in the IdentityStore API, but they are not reflected in the IDM user type.
On Tue, Jul 3, 2012 at 5:20 PM, Anil Saldhana <[email protected]> wrote:

> Hi All,
> I wanted to share some of my thoughts on the security module work
> (https://github.com/sbryzak/DeltaSpike/tree/security/) championed by Shane.
>
> 1) Is it possible to have the IDM API/SPI as a standalone jar such that
> oss projects outside of Deltaspike intending to have an IDM implementation
> do not need the entire DS security stack? In my view the security module
> can definitely be viewed as IDM and Non-IDM.
> 2) The User type does not seem to store binary data about the user - such
> as OTP tokens, X509 certificates etc. These can be stored/retrieved from
> Identity Stores (both DB and LDAP). The Identity Model (primarily the User
> type) should be able to help store things such as "Questions/Answers for
> password retrieval", "Pictures displayed during login". I think the User
> type having facilities to store binary attributes would suffice for this.
> 3) Rename the IDM User class to UserType. It will confuse everyone with
> the API level User class (that is used for credential based authentication).
>
> Regards,
> Anil
> [email protected]
