Hi Pantelis,

chung wrote on 12/08/2010 06:06 PM:
>     I have some question, since we currently work on accounting and we've
> managed to handle local limitations on the per user number of models and
> running/queued tasks allowing for 2000 models, 1000 BibTeX entries and 2
> asynchronous tasks (these bounds were chosen arbitrarily). With the
> current set up, it is feasible (and easy) to provide to users lists of
> resources that they have created, exploiting our local database and the
> SSO identity service. The question is how this should be done? I was
> thinking of a boolean URL parameter so that the request:
>
> POST on /resource?onlyMine=true
> Authorization:{token}
>
> will return to the client the list of resources for which he is the
> creator. But what would be of real interest, is to provide to the user a
> list of URIs for all resources to which he has (any) access.

I was considering such a "wildcard authorization query" a while ago for 
the implementation in OpenSSO.
But it turned out that an automatically generated list, to which a given 
user has any access, was not feasible.
Each query must be bound to a specific pair of URI and ACTION.

Regards
Andreas

-- 
http://www.maunz.de

There are only 10 types of people in the world: those who understand 
binary and those who don't.