Menu
▾
▴
Re: [Unity-idm-discuss] custom servlet endpoint authentication
|
From: Terefang V. <ter...@gm...> - 2015-01-26 22:35:35
|
hi! seams that i have to revisit the BindingAuthn contract game, because some call traffic causes authentication errors. ah, some thoughts that have come up during consuming the unity code: * dont you intend to move the "public AuthenticationResult getAuthenticationResult();" method to the BindingAuthn interface, since every other derived interface defines (and needs) it anyway? * as far a i have understood is that all "*Management" interfaces need some authorization to check. wouldnt it be logical to implement the actual functionality in a "*Helper" and let the "*Management" impl check for security and then delegate to the "*Helper". so server code may choose if they are doing administrative work, hence using "*Helper" beans directly or are subject to authorization, hence using "*Management" beans. * wouldnt it make sense to have a "public static AuthenticatorImpl create(IdentityResolver idRes, AuthenticatorsRegistry authReg, AuthenticatorInstance instDescr);" in class AuthenticatorImpl ? so you can keep create code in one place and not all over. * your code refers to a LICENSE.txt but neither the rpm nor the git-repo contain one. i have read on the webpage that unity-idm is licensed under permissive bsd, yet there are several (http://en.wikipedia.org/wiki/BSD_licenses) unless there a definitive LICENSE.txt i can refer to, i cant publish my code (open source it) under my preferred Apache License (http://choosealicense.com/licenses/) cheers, -- terefang |
