[
https://issues.apache.org/jira/browse/DERBY-3335?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12561406#action_12561406
]
Daniel John Debrunner commented on DERBY-3335:
----------------------------------------------
A better name for the property might be: user.canonical (or user.cnf). The
property's name would be a public static final field in the UserAuthenticator
interface.
> Allow UserAuthenticator.authenticateUser to work with authorization
> identifiers and not user name.
> --------------------------------------------------------------------------------------------------
>
> Key: DERBY-3335
> URL: https://issues.apache.org/jira/browse/DERBY-3335
> Project: Derby
> Issue Type: Improvement
> Components: Security
> Reporter: Daniel John Debrunner
> Priority: Minor
>
> Add a new method to UserAuthenticator that allows the authentication scheme
> to request that the user name passed into authenticateUser is an
> authentication identifier. This would absolve authentication schemes from
> each implementing the mapping from user name to authorization identifier.
> Implementing the logic in each scheme is pointless and subject to errors if a
> different set of rules is implemented by the scheme (say by a coding bug).
> Signature could be
> /**
> Return true if the identifier argument to authenticateUser is to represent
> an authorization identifier,
> false if it is to represent the user name.
> Note the identifier argument passed into authenticateUser is provided by
> the database engine.
> @since 10.x If this method does exist then a return of false is assumed.
> */
> public boolean authenticateUsingAuthorizationId();
> The first argument to authenticateUser would change for userName to
> identifier with appropriate comment changes.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
