Hi Matthias, correct, in your case you could for instance generate a numeric ID from your string with a simple algorithm that does a one-to-one mapping (don't use hashcode, since different strings can have the same hashcode).
HTH, Geert On 21 May 2008, at 12:30, Matthias Barmeier wrote: > > Hi Geert, > > I think I understand what you mean, but for me it looks like you have > two unique ids for the same item. Am I right when I would say that you > use the numerical id to decouple rife from different authentication > mechs like smartcard or biometric data by using a numerical userId ? > And > that you do this because not every authentication mech is based on > username/password ? > > Ciao > Matthias > > > > Geert Bevin schrieb: >> Hi Matthias, >> >> the userId uniquely identifies a user for the authentication >> framework >> in RIFE. This is what will be used by the authentication managers to >> create an authentication session ID and be able to tie that back to >> the same user. >> >> The username and password are used for authorization. They're both >> needed in the RoleUsersManager to ensure that a user is valid and >> known. This authorization layer is entirely pluggable and in the case >> of the RoleUsersManager it is based on username, password and allowed >> roles. >> >> The long userId is what ties the authorization layer to the >> authentication layer. >> >> Hope this makes sense. >> >> Best regards, >> >> Geert >> >> On 21 May 2008, at 11:47, Matthias Barmeier wrote: >> >> >>> Hi, >>> >>> I am a bit confused about some methods in the RoleUsersManager >>> interface. I have implemented a new CredentialManager that >>> implements >>> the CredentialsManager and the RoleUsersManager interfaces. >>> >>> This works perfect for my database application. I now tried to >>> implement >>> a really simple role based authorization layer for another project >>> and >>> noticed that some methods in RoleUsersManager deals with long typed >>> userId and others needs a String typed user name. >>> >>> Shouldn't the user name be "unique enough"? Are there rife magic to >>> avoid the long typed userId because I retrieve userdata from a >>> legacy >>> system that has no numerical id. >>> >>> Ciao >>> Matthias >>> >>> >> >> -- >> Geert Bevin >> Terracotta - http://www.terracotta.org >> Uwyn "Use what you need" - http://uwyn.com >> RIFE Java application framework - http://rifers.org >> Music and words - http://gbevin.com >> >> >>> >> > > > -- Geert Bevin Terracotta - http://www.terracotta.org Uwyn "Use what you need" - http://uwyn.com RIFE Java application framework - http://rifers.org Music and words - http://gbevin.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "rife-users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rife-users?hl=en -~----------~----~----~----~------~----~------~--~---
