Here at Oxford we have two IDs for a user their authentication ID (used for authentication and generally know by the user) and and enterprise ID which is used for looking up users and finding group memberships. So we have enhanced Sakai to have 3 IDs for a user:
- Internal ID (never changes).
- Enterprise ID (normal Sakai EID).
- Authentication ID (new ID that is used for authentication).
Some original work was done on allowing an authentication ID but it that was limited to being outside the kernel.
We want the ability to lookup people by AID (when adding then to the site).
NOTE: UserDirectoryService API change (need to update all 4 mocks in trunk code)