> On Sep 15, 2016, at 2:35 PM, Chris Pike <[email protected]> wrote: > > No README... but I attached a simple diagram. Basically, fortress stores the > permission attribute sets, permission attributes, and role constraints that > tie user role assignments to a permission attribute set. However, fortress > doesn't enforce the any of these "FILTER" ftRCs, that is the responsibility > of the client.
Chris, where did you attach the diagram? The client is what I’m interested in. If it’s a useful policy enforcement pattern for penn state it may be to others. Shawn
