archiva-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brent Atkinson <brent.atkin...@gmail.com>
Subject Re: Releasing 1.4-M4
Date Fri, 21 Dec 2012 12:39:43 GMT
I agree with you Brett, that approach is probably the best balance. It
allows fine granularity permissions on the application side, the ability to
manage from the directory side, and it won't require specific schema in
ldap. This approach is similar as others I have seen and it is generally
well accepted among system oprations folks these days.

Brent
On Dec 21, 2012 4:39 AM, "Brett Porter" <brett@apache.org> wrote:

>
> On 21/12/2012, at 7:39 PM, Olivier Lamy <olamy@apache.org> wrote:
>
> > Note something I'd like to add is to be able to use only ldap
> > (including for roles).
> > But probably not yet for this release, I have to think which ldap
> > attributes to use for role mapping (and a couple of other things :-)
> > ).
> > Such feature makes sense ?
>
> I'm not sure you'll get the granularity of the resources/permissions that
> you want without overly-polluting LDAP or unless you limit it to the global
> roles.
>
> Probably the better way to approach it is to add support for groups
> (mapped onto LDAP) that can be assigned to roles (still stored in
> Archiva/Redback).
>
> - Brett
>
> --
> Brett Porter
> brett@apache.org
> http://brettporter.wordpress.com/
> http://au.linkedin.com/in/brettporter
> http://twitter.com/brettporter
>
>
>
>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message