...
Note: we need to distinguish carefully between two categories of User; one is the ‘users’ of the AAF service, in our case OOF_HAS and OOF-OSDF.
These users access AAF using HTTPS servier server validation and basic auth. These entities are not ‘users’ provisioned within the OOF namespace of AAF.
The other set of users are the clients interacting with OOF to whom we apply AC. These are ‘users’ in the AAF database.
...