Looking to crack the ice. Hopefully inspire some brainstorming.
The following is a set of events Jean-Louis Monteiro created in our impl for using CDI to extend login events to the application.
The impetus of this one came from our attempt to kill a particularly inflexible interface in Tomcat called Realm
. It started out hard-coded to a specific login approach (basic auth) and has grown awkwardly since.
java.security.Principal authenticate(java.lang.String username, java.lang.String password);
java.security.Principal authenticate(String username, String digest,
String nonce, String nc, String cnonce,