Re: [DISCUSS] Realms

Tue, 24 Mar 2015 04:30:48 -0700 

Il 23/03/2015 14:26, Francesco Chicchiriccò ha scritto:

Hi all,
I've summarized at [1] the feature and changes that I intend to implement about security realms. 


Please take a look and let me know your thoughts: my idea is to start 
working on this topic in more or less one month, so we have plenty of 
time to discuss.


Regards.


[1] 
https://cwiki.apache.org/confluence/display/SYNCOPE/%5BDISCUSS%5D+Realms



Francesco, as you already know, you have my sponsorship for this new 
feature. Thank you for the wiki page.

Just a comment: I'm not sure about the suggested REST API change.


For example, to get users under a certain path you are proposing to have 
a request like as


GET /users/a/b

Why not the following?

GET /a/b/users


Personally, I'd prefer to have the path before in every request; 
something like as below.


Regards,
F.


        

GET /realms

GET /a/b/realms

        list realms starting at given root:
all realms in the former case, realms rooted at /a/b in the latter case
        GET /a/b/c      read realm /a/b/c
        POST /a/b       create realm under /a/b
        PUT /a/b/c/d    

update realm /a/b/c/d

        DELETE /a/b     delete realm /a/b (and all sub-realms)
GET /users      GET /users

GET /a/b/users 	list users under the given realm (e.g. assigned to given 
realm and related sub-realms):
all users in the former case, users in realm /a/b (all all sub-realms) 
in the latter case

POST /users     POST /users
POST /a/b/users         create user under the given realm:
root realm in the former case, /a/b in the latter case
        PUT /a/b/users/{userId}         move user with id {userId} under realm 
/a/b
GET /users/search       GET /users/search
GET /a/b/users/search   search users under the given realm:
root realm in the former case, /a/b in the latter case
GET /roles      GET /roles
GET /a/b/roles  see users
POST /roles     

POST /roles
POST /a/b/roles

        see users
        PUT /a/b/roles/{roleId}         move role with id {roleId} under realm 
/a/b
GET /roles/search       GET /roles/search
GET /a/b/roles/search   see users
GET /roles/{roleId}/parent              
GET/roles/{roleId}/children             


--
Fabio Martelli

Tirasa - Open Source Excellence
http://www.tirasa.net/

Apache Syncope PMC
http://people.apache.org/~fmartelli/























					Reply via email to