Provide support for caching authorization when a user authenticates for the
lifetime of a session
-------------------------------------------------------------------------------------------------
Key: KI-73
URL: https://issues.apache.org/jira/browse/KI-73
Project: Ki
Issue Type: Improvement
Components: Authorization (access control)
Affects Versions: 0.9
Reporter: Jeremy Haile
Fix For: 1.0
Certain Realm implementations have access to a user's authorization information
at login, but cannot access authorization info at a later point in time. For
example, when authenticating to an external system, such as LDAP, the user's
credentials are required to access the LDAP repository. Since Ki (rightly)
does not hold onto the user's credentials after authentication, the only time
that their authorization info can be obtained is at login.
This doesn't currently work well with Ki because Ki treats authentication and
authorization as two separate steps, and does not allow the authorization info
to be obtained at the time of login - nor does it allow the authorization info
to be cached throughout the lifetime of a session.
Ki should add support for obtaining authorization info during the
authentication process and caching them for the lifetime of a user's session.
For more information, see the following email thread that generated this issue:
http://markmail.org/thread/hw235pals5jmclgu
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
