[Yanel-dev] User Properties / IML

Michael Wechner michael.wechner at wyona.com
Mon Oct 29 00:44:54 CET 2007 

Hi Oli

Thanks very much for your suggestions, which seems to me make a lot of 
sense.
Please some comments inline below

Oli Kessler wrote:

> Hi all,
>
> We need to introduce additional user properties within a project and  
> would propose to do this in the yanel core as all of them are easily  
> reusable:
>
> - account expiration

I guess this should only be configurable by some "administrator", right?
Please note that Yanel doesn't have a dedicated administrator account 
and this would rather be protected by some policy and appropriate usecase.

> - homepage (default page after login)


if this not being set, how should the default be? It seems to me we have 
to options:

 - the originally requested URL
 - a realm specific default page

> - last login (date, to be written on successfull login)


wouldn't it make sense to keep the whole history (also with additional 
info, such as machine (whereas this might not make sense behind a proxy ...)

>
> Also, a facility to write application specific, custom properties to  
> the user object would be very helpful.
>
> We'd thus like to extend the current IML like this:
>
> <identity id="foo" xmlns="http://www.wyona.org/security/1.0">
>   <name>Foo Account</name>
>   <description>Bars</description>
>   <email>foo at bar.com</email>
>   <password type="md5">xxx</password>
>
>   <expire date="2007-12-24T00:00:00"/>
>   <hompage>/en/topics/dashboard.html</homepage>
>   <lastLogin date="2007-10-26T16:34:22"/>
>
>   <custom:properties xmlns:custom="http://www.foobar.com/yanel/ 
> security/1.0">
>     <custom:locked>false</custom:lock>
>     <custom:failedLogins>7</custom:failedLogins>
>     <custom:welcomePage>/en/global/motd.html</custom:welcomePage>
>   </custom:properties>
> </identity>


sounds good to me, whereas I guess it would make sense to implement this 
within the API whereas a DOM would be returned.

WDOT?

Cheers

Michi

>
> A custom IdentityManager will make use of the additional properties,  
> while account expiration checks and redirect to the homepage should  
> be implemented in the default IdentityManager IMHO.
>
> What do you think?
>
> Thx,
> -ok
> _______________________________________________
> Yanel-development mailing list
> Yanel-development at wyona.com
> http://lists.wyona.org/cgi-bin/mailman/listinfo/yanel-development



-- 
Michael Wechner
Wyona      -   Open Source Content Management   -    Apache Lenya
http://www.wyona.com                      http://lenya.apache.org
michael.wechner at wyona.com                        michi at apache.org
+41 44 272 91 61

More information about the Yanel-development mailing list