Re: Continuum Security design

2006-07-26 Thread Jesse McConnell
I have been working on a little security API in the plexus sandbox that I wanted to describe to the Continuum dev list that would work for the implementation of the authentication and authorization parts of Continuum. I like it since it is pretty easy to use and should extend to support the

Re: Continuum Security design

2006-07-26 Thread Carlos Sanchez
I think it is more important now to come up with a good representation of users, groups, roles,... that can be used across all apps (Continuum, MRM,...). Acegi doesn't mess with your code, so the need for another API on top of it doesn't make much sense to me. I like the AOP approach better than implementing

Re: Continuum Security design

2006-07-26 Thread Jesse McConnell
Carlos, how would you recommend we implement the users/groups/roles/permissions material that we have already been discussing? Would it be implementing the RBAC model using the AccessDecisionManager and AccessDecisionVoter dealio in Acegi? I can see how we might go about doing it in Acegi, it

Re: Continuum Security design

2006-07-19 Thread Jesse McConnell
There was some discussion on IRC about the security model so I wrote up this description for review by everyone. http://docs.codehaus.org/display/CONTINUUM/Straight+Role+Based+Access+Control It doesn't have implementation details in it, it is just an attempt at drawing together the different

Re: Continuum Security design

2006-07-18 Thread Brett Porter
I've added my comments. I don't think we need domain ACLs - it's an interesting concept but it also worries me a little to have security as an afterthought - it's intrinsic to the design of the code in some ways (surely if you only want to give one person access to a subset of the data you

Re: Continuum Security design

2006-07-11 Thread Carlos Sanchez
I've updated the wiki with my latest thoughts. I suggest reading http://acegisecurity.org/docbook/acegi.html#domain-acls which explains how to add instance-based security with ACLs. It's a good option and allows fine-grained permissions for user, project and type of operation. On 7/11/06,

Re: Continuum Security design

2006-07-11 Thread Joakim Erdfelt
Carlos Sanchez wrote: http://docs.codehaus.org/display/CONTINUUM/Security Please take a look and provide feedback on the semantics of what to secure and to what level. Some discussion with Jesse McConnell about the security ... [11:01:38] jerdfelt jmcconnell: do you see the comment in it's

Continuum Security design

2006-07-10 Thread Carlos Sanchez
http://docs.codehaus.org/display/CONTINUUM/Security Please take a look and provide feedback on the semantics of what to secure and to what level. -- I could give you my word as a Spaniard. No good. I've known too many Spaniards. -- The Princess Bride