[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Split user management
On 09/07/2012 08:57 PM, Shawn McKinney wrote:
More questions: What interactions should Fortress have with the
external directory - should it be capable of binding, reading user
attributes, i.e. group assignments? What about provisioning - should
the Fortress AdminMgr APIs be capable of provisioning user data into
the external directory?
One point needs to be clarified here:
If the intent is not to maintain interactions in the manner pointed out
above, you should be able to use Fortress alongside the user management
system of your choice today. The fortress user object still needs to be
provisioned, but the password and user demographics data need not be
loaded nor maintained.
When utilizing Fortress in this manner, don't set the User's password
attribute but do set the the 'isTrusted' boolean parameter to 'true'
when you call the createSession API.
public Session createSession(User user, boolean isTrusted)
throws SecurityException;