...
- compare policy definition to MACE paccman definition if one exists
...
What is interface between bus logic and UI?
Howard suggests bus logic to presentation interface is in terms of 3 questions: Am I there yet? Do I already have this credential? If I were to get this credential, would it be useful? or ask what credentials do you need?
...
Service API function is to request access and return yes or no and return why. getServiceTicket answers yes or no and why ? not. Scott wants prefers more logic behind the service such as what's missing. Changes Does this change the meaning of getServiceTicket to expect result is not a service ticket? Not really, since failure to get service ticket already is used in case of expired TGT to go ack to the top of the flow.
Howard - should flow run through all the steps to gather credentials all the time? Or will the policy give a list of needed credentials?
Scott - Should all the credentials succeed or fail as a set? Or individually? Right now they succeed or fail as a set because they have to map to the same principal. To return which failed as individuals need to have an id for each credential. Howard had suggested the identifier could be its type name. This is ok. Howard's approach - presentation structured around presentation knowing Joe wonders why not use the bean instance of the configured authentication method that must match one for one with credentials.
The approach we are converging on allows the presentation to know what credentials it can get.
CAS 3.5 Architecture
We didn't get to this really.