Allow UserAuthenticator.authenticateUser to work with authorization identifiers
and not user name.
--------------------------------------------------------------------------------------------------
Key: DERBY-3335
URL: https://issues.apache.org/jira/browse/DERBY-3335
Project: Derby
Issue Type: Improvement
Components: Security
Reporter: Daniel John Debrunner
Priority: Minor
Add a new method to UserAuthenticator that allows the authentication scheme to
request that the user name passed into authenticateUser is an authentication
identifier. This would absolve authentication schemes from each implementing
the mapping from user name to authorization identifier. Implementing the logic
in each scheme is pointless and subject to errors if a different set of rules
is implemented by the scheme (say by a coding bug).
Signature could be
/**
Return true if the identifier argument to authenticateUser is to represent an
authorization identifier,
false if it is to represent the user name.
Note the identifier argument passed into authenticateUser is provided by
the database engine.
@since 10.x If this method does exist then a return of false is assumed.
*/
public boolean authenticateUsingAuthorizationId();
The first argument to authenticateUser would change for userName to identifier
with appropriate comment changes.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
