WikiUserPrincipal is an as yet conceptual object related to JSPWiki authentication and access control. This page currently discusses the expected needs for such an object.


Made some changes here: a user sould have several roles. Also, added hasPermission(). Undecided about this: it is very convenient for a principal to carry both authentication and access control information, but then we're connecting the two separate issues at this object's level. (This is what Tomcat does, for example.) Another option would be to have a one class for authentication, one for access information, and have the WikiEngine store both with the session. Votes? --ebu


The code could look like this:

package ...

public interface WikiUserPrincipal{

    public String getUsername();
    
    public String getPassword();

    public boolean hasRole( String roleName );
    
    public Iterator getRoles();

    public boolean hasPermission( String permission );

    public Iterator listPermissions();

    public String getOtherInfo(String key);

}

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-6) was last changed on 23-May-2005 15:53 by 131.248.58.241