Return-Path: Delivered-To: apmail-roller-commits-archive@www.apache.org Received: (qmail 87869 invoked from network); 28 Nov 2008 20:26:40 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 28 Nov 2008 20:26:40 -0000 Received: (qmail 2990 invoked by uid 500); 28 Nov 2008 20:26:51 -0000 Delivered-To: apmail-roller-commits-archive@roller.apache.org Received: (qmail 2976 invoked by uid 500); 28 Nov 2008 20:26:51 -0000 Mailing-List: contact commits-help@roller.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@roller.apache.org Delivered-To: mailing list commits@roller.apache.org Received: (qmail 2967 invoked by uid 99); 28 Nov 2008 20:26:51 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 28 Nov 2008 12:26:51 -0800 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 28 Nov 2008 20:25:32 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 480FF234C2A7 for ; Fri, 28 Nov 2008 12:26:19 -0800 (PST) Message-ID: <1425943191.1227903979294.JavaMail.jira@brutus> Date: Fri, 28 Nov 2008 12:26:19 -0800 (PST) From: "David Johnson (JIRA)" To: commits@roller.apache.org Subject: [jira] Updated: (ROL-1680) Security proposal In-Reply-To: <87075238.1203410348148.JavaMail.j2ee@atlassian01.managed.contegix.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/roller/browse/ROL-1680?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Johnson updated ROL-1680: ------------------------------- Issue Type: Improvement (was: Bug) > Security proposal > ----------------- > > Key: ROL-1680 > URL: https://issues.apache.org/roller/browse/ROL-1680 > Project: Roller > Issue Type: Improvement > Components: Authentication, Roles and Access Controls > Affects Versions: 4.1 > Reporter: David Jencks > Assignee: Roller Unassigned > Attachments: ROLLER-1680-1.patch > > > Goals here are: > 1. Separate access control decisions from user/permission administration. > 1.a. separate permissions from any particular permission storage model > 1.b. use a jacc-like interface for access control decisions, involving submitting a test permission to a security service. > 2. Hide the authentication decisions and how the current user is tracked from the business logic. > See discussion thread on the dev list. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.