You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@syncope.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2015/08/11 12:52:45 UTC

[jira] [Commented] (SYNCOPE-119) Realm-based authorization

    [ https://issues.apache.org/jira/browse/SYNCOPE-119?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14681604#comment-14681604 ] 

ASF subversion and git services commented on SYNCOPE-119:
---------------------------------------------------------

Commit c853f742fbf8cf856c18ace338f438d0e16c551b in syncope's branch refs/heads/SYNCOPE-652 from [~ilgrosso]
[ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=c853f74 ]

[SYNCOPE-119] Adding test for delegated admin (user) CRUD


> Realm-based authorization
> -------------------------
>
>                 Key: SYNCOPE-119
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-119
>             Project: Syncope
>          Issue Type: New Feature
>            Reporter: Francesco Chicchiriccò
>            Assignee: Francesco Chicchiriccò
>             Fix For: 2.0.0
>
>
> The current authentication / authorization model has some weaknesses, as outlined at [1].
> In the same mail thread a refactoring proposal is shown for implementing a system-wide realm-based hierarchical security model.
> This will impact nearly every component and layer in the system, so great care should be taken and extensive testing.
> Discussion on wiki: https://cwiki.apache.org/confluence/display/SYNCOPE/%5BDISCUSS%5D+Realms
> [1] http://syncope-dev.1063484.n5.nabble.com/syncope-dev-Authorization-entitlements-td4830322.html



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)