olingo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bolz, Michael" <michael.b...@sap.com>
Subject Re: Best way to control access to entities (I know acl is not part of odata specification)
Date Wed, 27 Jan 2016 05:07:18 GMT
Hi Anurag,

the Olingo library is mainly an implementation of the core OData specification.
Based on that Olingo basically offers nothing beside the specification.

For access control in special Olingo offers no support or convenience.
Best way to do access control is to check which options 
your runtime environment offers to you (e.g. JEE Application servers).

In which runtime environment do you deploy/run your OData service?

Kind Regards,
Michael

> On 27 Jan 2016, at 01:50, anu238 . <anurag.gujral@gmail.com> wrote:
> 
> All,
> Can you please guide me on what is the best way to control access to the  entities in
my EDM model?
> I will give an example to explain my use case:
> I have two entities named Products and Customers in my EDM model. I have three user1,
user2,user3 who use my service .
> I want to allow  all users to have read access but only user2 to have a write access
to these entities.
> I know odata specific does not talk to access control lists,
> 
> I am curious to know what methods users of Olingo are using to restrict the access to
the entities.
> 
> Thanks a lot everyone for your help in advance.
> 
> Thanks,
> Anurag


Mime
View raw message