syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: [DISCUSS] - Support dynamic entitlements in Apache Syncope
Date Tue, 31 Jan 2017 17:03:18 GMT
Hi Francesco,

On Thu, Jan 26, 2017 at 8:06 AM, Francesco Chicchiriccò <ilgrosso@apache.org
> wrote:

>
> About the definition of the new Application and Privilege (and their
> relationship with existing User and Group, for example), however, these
> will still require new JPA entities to be defined for internal storage, new
> TO and ultimately something for Admin UI management.
>

I'm wondering how (or if) the concept of roles fits into this scenario of
Applications and Privileges? The problem for us is that the existing
entitlements/roles concepts in Syncope seems to map perfectly to that of
SCIM, along the lines of:

https://groups.google.com/forum/#!msg/cloud-directory/
fs6szjVrBBA/tt3t0PZg0UEJ

It's not really clear to me why we can't re-use the existing concepts to
model entitlements/roles external to Syncope? Will there be a way to group
privileges similar to the way that roles group entitlements?


>
> Finally, I want to let you know that I am quite advanced in building a
> prototype - which could be likely delivered in a month or two - that
> introduces Digest Authentication and JWT token management in Syncope 2.0.X
> (you might want to ask Sergey about my stressful questions around these
> points in CXF...).
>

Cool, are you referring to being able to perform authentication in Syncope
with a signed JWT token here or something else?

Thanks,

Colm.


>
> Regards.
> --
> Francesco Chicchiriccò
>
> Tirasa - Open Source Excellence
> http://www.tirasa.net/
>
> Member at The Apache Software Foundation
> Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
> http://home.apache.org/~ilgrosso/
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message