We may not need to because I think we are talking about two slightly different things. I'm talking about the base classes and your are talking about and implementation's classes. By my thinking this library only provides the Authenticator. The application needs to provide adapters to the credentials and datasource actually in the application -- but using our interface and conventions so the Authenticator can deal with them. I think the Authenticator may be very simple. It is the conventions that will make the whole thing work.Ambush Commander wrote:Now... we need some replacement words.
Authentication asks two questions:
1. Is this person really who he says it is? (my def) which is a subset of ** An implementation to check user accounts **
2. Is the data/credential valid/genuine? (Arborint's def) ** the raw functionality of the Authenticator **
Credential means two things:
1. A piece of information that establishes the identity of a user (my def) which is a subset of ** An implementation of a user account credential **
2. A piece of information that establishes confidence in a certain assertion (Arborint's def) ** the raw functionality of the Credential Adapter **
So I don't think we are talking about cross purposes
As Burrito found out recently I don't IRC ... sort of my line in the sand to allow me to get some work done.Ambush Commander wrote:Edit 2 - Hey, would you mind going on IRC for a little bit to chat this out a bit and figure it out?