With the current IS implementation We have individual SP configurations and
we associate authentication chains, claim, provisioning configurations
etc.. to that service provider configuration.
As a improvement to this we can group these configurations lets say a
For a security circle [SC].
We can configure set of service providers within a SC.
Associate Userstores to that SC
Define Authentication chain, Provision config etc..
Configre Administration policies Ex: only users in wso2admin can manage the
wso2 security circle.
Group authorization policies belong to this circle.
Once we configure those it will be applicable to all service providers and
can override with SP level configurations.
We can have different login sessions to each circle.
How can we use this.
Achieve Enterprise SaaS application use case discussed in 
No need to configure same configurations in each SP level can inherit from
Since we are going with container base Multi tenancy in C5, If a user does
not like, that can be handle with this security circle.
 "[C5 IS] Multi-tenancy in C5 based IS"
Associate Technical Lead
WSO2 Inc. - lean . enterprise . middleware | wso2.com
email: isha...@wso2.com, blog: isharaaruna.blogspot.com, mobile:
Architecture mailing list