On 24/03/2015 13:25, Marco Di Sabatino Di Diodoro wrote:
Hi Francesco,
Il 23/03/2015 14:26, Francesco Chicchiriccò ha scritto:
Hi all,
I've summarized at [1] the feature and changes that I intend to
implement about security realms.
Please take a look and let me know your thoughts: my idea is to start
working on this topic in more or less one month, so we have plenty of
time to discuss.
Regards.
[1]
https://cwiki.apache.org/confluence/display/SYNCOPE/%5BDISCUSS%5D+Realms
I agree with you.
In the new security model,why not extend the conceptto the realms?
For example:
The realm X has assigned entitlements E_1 ...E_n .Than all usersin
therealm X can exercise entitlements E_1 ...E_n.
This can be interesting: only, I would need some solid reasons to not
keep the entitlement assignment in a single place (e.g. roles).
In addition to assigne the entitlements to a realm or role, it would
be nice to define whichrealms an user can exercise the entitlements.
This is precisely what I mean, see the example at the bottom of the wiki
page, item "B".
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Involved at The Apache Software Foundation:
member, Syncope PMC chair, Cocoon PMC, Olingo PMC
http://people.apache.org/~ilgrosso/
