Hi, I appreciate your post. I would like to suggest you to cite the http://csrc.nist.gov/groups/SNS/rbac/ NIST RBAC Section and the http://csrc.nist.gov/rbac/sandhu-ferraiolo-kuhn-00.pdf RBAC reference model that was the base of ANSI INCITS 359 2004 standard.
Shiro implementation of RBAC how compares to the above standard? What level it does implement (base, hierarchical, constrained)? What is foreseen in the roadmap about RBAC and SAML/XACML? There is any tool to manage Role and Permission configuration? Do you know any othe open source project that is dealing with RBAC and/or XACML, apart OpenRBAC, Fortress and SUN XACML implementation? Thanks for your kind attention Maurizio -- View this message in context: http://shiro-user.582556.n2.nabble.com/Roles-Permissions-and-Access-Control-tp6356853p7146322.html Sent from the Shiro User mailing list archive at Nabble.com.
