From: lhazlewood (s. by Nabble.com) <li...@na...> - 2005-12-07 02:53:46
I would argue that with a vast majority of applications, a single principal is all that is needed to identify the current user - usually a user ID or a username. Once an application knows this, it can get all other principals by querying the db for the User and getting the other principals from that. Applications that are stateless (in as much as is possible) would just store the primary user principal in a session and subsequently query for the User every time. If the worry is about query performance, enable an enterprise cache (Ehcache, OS Cache, etc) to keep your programming model stateless yet high-performing. The other principals are almost always generally inferred or accessible by knowing the primary principal.

Now, all that being said, I can see a benefit for supporting multiple principals for convenience's sake and fringe cases. But I'm still on the fence as to whether or not the public API should support this. It might impose unnecessary complexity on the majority of applications that almost always use a username or user ID.

After thinking about it for a bit, maybe we could have the best of both worlds? Perhaps something like:

    getPrincipals() : Set
    getPrincipal()  : Principal

getPrincipal() would return the primary identifying principal used by the application - maybe like this:

    public Principal getPrincipal() {
        // just an example - we'd have to check for nulls, refine, etc.
        return getPrincipals().iterator().next();
    }

Unfortunately, there is no guarantee the first element returned from the iterator is the 'primary' principal. We'd have to think through that to make a clean implementation. The point is that most apps could use getPrincipal() the majority of the time and that the specialized/fringe apps could use the getPrincipals() method if they wanted all of them. This would also make JAAS integration a little easier as well, since we could mirror the Subject.getPrincipals() method.

As long as the JavaDoc is clear on both methods, I think this would work well. What do you think?

--
Sent from the JSecurity-Authorization forum at Nabble.com: http://www.nabble.com/AuthorizationContext-multiple-principals-t691831c13668.html#a1826024
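The sketch in the post above leaves open how getPrincipal() would know which element of the set is the "primary" one. The following is an added example, not code from the post or from JSecurity, of one way to make that explicit: the holder takes the primary principal as a separate constructor argument and keeps the full set in insertion order, so getPrincipal() never depends on Set iteration order and never returns null for an authenticated subject. The class and interface names (PrincipalHolder, Principal, UsernamePrincipal, AttributePrincipal) are assumptions made for this example.

```java
import java.util.Collections;
import java.util.HashSet;
import java.util.LinkedHashSet;
import java.util.Objects;
import java.util.Set;

/**
 * Hypothetical holder for the two-method API discussed in the thread:
 * a designated primary principal plus a read-only set of all principals.
 * Not JSecurity code; names are invented for this example.
 */
public final class PrincipalHolder {

    /** Minimal stand-in for whatever the framework ends up calling a principal. */
    public interface Principal {
        String getName();
    }

    /** Simple value-type principal; used here for both the primary id and extra attributes. */
    public static final class UsernamePrincipal implements Principal {
        private final String name;

        public UsernamePrincipal(String name) {
            this.name = Objects.requireNonNull(name, "name");
        }

        public String getName() { return name; }

        @Override public boolean equals(Object o) {
            return o instanceof UsernamePrincipal && ((UsernamePrincipal) o).name.equals(name);
        }

        @Override public int hashCode() { return name.hashCode(); }

        @Override public String toString() { return "UsernamePrincipal(" + name + ")"; }
    }

    private final Principal primary;
    private final Set<Principal> all;

    /**
     * @param primary the single identifying principal (username or user id); required
     * @param others  any additional principals; may be null or empty
     */
    public PrincipalHolder(Principal primary, Set<? extends Principal> others) {
        // The null check the post says a real implementation would need.
        this.primary = Objects.requireNonNull(primary, "primary principal is required");
        // LinkedHashSet preserves insertion order, so the primary is always first
        // if a caller iterates; getPrincipal() does not rely on that, it returns
        // the field directly.
        Set<Principal> ordered = new LinkedHashSet<>();
        ordered.add(primary);
        if (others != null) {
            ordered.addAll(others);
        }
        this.all = Collections.unmodifiableSet(ordered);
    }

    /** The primary identifying principal most applications need. Never null. */
    public Principal getPrincipal() {
        return primary;
    }

    /** Every principal, for the fringe cases; read-only, primary first. */
    public Set<Principal> getPrincipals() {
        return all;
    }

    public static void main(String[] args) {
        // Constructed sample data for the demonstration.
        Principal userId = new UsernamePrincipal("jsmith");
        Set<Principal> extras = new HashSet<>();
        extras.add(new UsernamePrincipal("jsmith@example.invalid"));
        extras.add(new UsernamePrincipal("employee-4711"));

        PrincipalHolder holder = new PrincipalHolder(userId, extras);
        System.out.println("primary: " + holder.getPrincipal());
        System.out.println("all:     " + holder.getPrincipals());

        // The pitfall from the post: a plain HashSet gives no ordering guarantee,
        // so iterator().next() may or may not be the primary principal.
        Set<Principal> unordered = new HashSet<>(holder.getPrincipals());
        Principal first = unordered.iterator().next();
        System.out.println("HashSet iterator().next() == primary? " + first.equals(userId));
    }
}
```

Keeping the primary principal as its own field also makes the JAAS mapping mentioned in the post straightforward: getPrincipals() mirrors Subject.getPrincipals(), while getPrincipal() gives stateless applications the one value they need to cache or store in a session.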