syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <>
Subject Re: [DISCUSS] - Support dynamic entitlements in Apache Syncope
Date Tue, 31 Jan 2017 17:03:18 GMT
Hi Francesco,

On Thu, Jan 26, 2017 at 8:06 AM, Francesco Chicchiriccò <
> wrote:

> About the definition of the new Application and Privilege (and their
> relationship with existing User and Group, for example), however, these
> will still require new JPA entities to be defined for internal storage, new
> TO and ultimately something for Admin UI management.

I'm wondering how (or if) the concept of roles fits into this scenario of
Applications and Privileges? The problem for us is that the existing
entitlements/roles concepts in Syncope seems to map perfectly to that of
SCIM, along the lines of:!msg/cloud-directory/

It's not really clear to me why we can't re-use the existing concepts to
model entitlements/roles external to Syncope? Will there be a way to group
privileges similar to the way that roles group entitlements?

> Finally, I want to let you know that I am quite advanced in building a
> prototype - which could be likely delivered in a month or two - that
> introduces Digest Authentication and JWT token management in Syncope 2.0.X
> (you might want to ask Sergey about my stressful questions around these
> points in CXF...).

Cool, are you referring to being able to perform authentication in Syncope
with a signed JWT token here or something else?



> Regards.
> --
> Francesco Chicchiriccò
> Tirasa - Open Source Excellence
> Member at The Apache Software Foundation
> Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail

Colm O hEigeartaigh

Talend Community Coder

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message