I'm interested in using a slightly modified access control structure than the default slide structure.
Basicaly, I would like to remove the /users scope. Instead of using subject names such as /users/john I would like to use john, or "uid=john, dc=community,dc=org", or whatever principal name I desire. The principal is authenticated by the container. I guess the easiest way to make this happen would be to modify the classes; org.apache.slide.security.NodePermission (maybe not necessary to touch?) org.apache.slide.security.SecurityImpl (or just add a new implementation of the Security interface) I could probably also implement a namespace for /users/ that looks up my users using jndi, but our ldap server will contain millions of users. A few questions; Is this approach considered bad with respect to the overall design of slide? Is there any other way that might be easier? Are there a lot of dependencies to the /users/ namespace throughout the slide codebase? -- - Torgeir
