[OTDev] List of all resources and authentication
Andreas Maunz andreas at maunz.deFri Jun 18 14:30:35 CEST 2010
- Previous message: [OTDev] List of all resources and authentication
- Next message: [OTDev] Subject Group
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Luchesar V. ILIEV wrote on 06/18/2010 02:17 PM: > Actually, a compromise that I see is to be able to ask not for single > resource/URI but for a list of resources/URIs -- with specific > token/user -- and then get in response only those URIs to which the > user has specific access (most likely GET, in certain cases probably > also POST). However, I'm not quite sure whether OpenSSO is able to do > this. > From my discussion on the OpenSSO mailing list, I learned that OpenSSO policy service is designed as an evaluation service: It evaluates the policy in the context of an evaluation request. Because policies can have plugin to handle Subject, Resources and conditions, you have to evaluate the policy on every possible URL in order to determine all resources. But currently I am still involved in the discussion - there might come up other aspects. Andreas
- Previous message: [OTDev] List of all resources and authentication
- Next message: [OTDev] Subject Group
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Development mailing list