Topics

Validation of identity store attributes


Guillermo González de Agüero
 

Hi,

I was wondering how the container should behave when invalid attributes are found on an identity store, e.g.: an invalid database JNDI lookup, malformed LDAP server url, etc.

That kind of invalid parameters would break authentication, so they should fail the deployment IMO. Another story are unavailable resources (unaccesible database and the likes).

I think a note should be added to the spec saying that "the container is responsable for preventing a sucessful deployment if it finds some attribute that will inevitable break the authentication mechanism". That would be cloud-friendly as it stays open to interpretation wether an unresponsive resource is enough to fail a deployment.

What do you think?


Regards,

Guillermo González de Agüero