On Tue, Apr 25, 2017 at 8:46 AM, Harsha Thirimanna <[email protected]> wrote:
> > > On 21 Apr 2017 3:35 p.m., "Asela Pathberiya" <[email protected]> wrote: > > Hi IS/APIM team, > > Is $subject in our roadmap ? > > We will add this to the roadmap. > > This seems to be a required features. Different applications may need the > different user token expiry time based on their security level. > > > > > Yes, it seems the application should have this capability to do. > But what is the real use case to have this per user ? > It depends lets think user know he is going to use this for shorter period(from mobile app) then he can request with smaller time (lets say 5 mins). Then from token issuer logic we can check application level max value and issue token with requested validity period if requested time is below what they allow in application level. So this is not really user level thing but optional parameter we send on demand when we generate tokens. If token generation request allows to send optional parameters like DCR we will be able to send requested_validity(if not sent default application level validity time will apply). Thanks, sanjeewa. > > Just heard that; IOT server may has already requirement with that; It is > needed to define a token expiry level based on their device type. Say; > some device's token may be embedded & these token may have longer expiry > time (never expired). Also; some devices type need a less expiry time > based on their security policies. It is not sure how we are handled this > with APIM feature without $subject. But; this can be easily handled, if > we can have such feature inbuilt. > > Thanks, > Asela > > > -- > Thanks & Regards, > Asela > > ATL > Mobile : +94 777 625 933 <+94%2077%20762%205933> > +358 449 228 979 > > http://soasecurity.org/ > http://xacmlinfo.org/ > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > > -- *Sanjeewa Malalgoda* WSO2 Inc. Mobile : +94713068779 <http://sanjeewamalalgoda.blogspot.com/>blog :http://sanjeewamalalgoda.blogspot.com/ <http://sanjeewamalalgoda.blogspot.com/>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
