IDEA: Centralized userId |
The Java approach, while heavy-handed, might be informative...
- https://en.wikipedia.org/wiki/Java_Authe...on_Service - https://docs.oracle.com/javase/7/docs/te...nOnly.html Basically, they prescribe a Subject (something for which access control might be appropriate), a Principal (something or someone who might deserve access to a Subject), a Credential (some proof of identity). Authentication tools would provide a LoginContext (with callables or callbacks), or an adapter with one could be made. It sounds like the earlier part of this thread is waltzing around the notion of a Principal, and how to determine if same is "logged in". It doesn't seem to address the notion of role-based access control, which seems to me to be the primary reason for going down this road. My worry is that any solution requires that the problem be identified & agreed to (it may not just be a userid), and that alternatives be considered. This issue has come up before, and been argued for/against, without a consensus being reached. Would what you are suggesting work with any of the "common" auth packages that are used with CI? with minimal adaptation needed? |
Messages In This Thread |
IDEA: Centralized userId - by MGatner - 04-05-2019, 05:03 AM
RE: IDEA: Centralized userId - by albertleao - 04-05-2019, 07:22 AM
RE: IDEA: Centralized userId - by MGatner - 04-05-2019, 11:33 AM
RE: IDEA: Centralized userId - by dave friend - 04-05-2019, 04:00 PM
RE: IDEA: Centralized userId - by MGatner - 04-05-2019, 06:37 PM
RE: IDEA: Centralized userId - by mmx - 01-29-2020, 12:19 AM
RE: IDEA: Centralized userId - by ciadmin - 06-12-2019, 05:47 PM
RE: IDEA: Centralized userId - by MGatner - 06-16-2019, 11:36 AM
RE: IDEA: Centralized userId - by MGatner - 06-17-2019, 06:52 AM
RE: IDEA: Centralized userId - by tony.a - 10-17-2019, 04:01 AM
RE: IDEA: Centralized userId - by AndreiCurelaru - 10-17-2019, 05:08 AM
RE: IDEA: Centralized userId - by InsiteFX - 10-17-2019, 03:53 PM
|