You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@juddi.apache.org by "Alex O'Ree (JIRA)" <ju...@ws.apache.org> on 2019/06/15 17:47:00 UTC

[jira] [Comment Edited] (JUDDI-558) Access Control Enhancements

    [ https://issues.apache.org/jira/browse/JUDDI-558?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16864806#comment-16864806 ] 

Alex O'Ree edited comment on JUDDI-558 at 6/15/19 5:46 PM:
-----------------------------------------------------------

Functional description
 * on the inquiry  API, the new interface will act has a filtering mechanism. Pagination unfortunately will break as the filtering mechanism happens outside of sql commands. A reasonable option is to redact all data for the filtered entities
 * on the publish API, the new interface will allow non-owner/publishers to have access to publish if the permission is granted
 * on the jUDDI API, we'll need some new APIs for crud operations for permissions sets
 * database, we'll need an new entity model express the permissions sets and whatnot for the default implementation. 3rd party stuff can do whatever they want

this will also effectively resolve JUDDI-789 too.


was (Author: spyhunter99):
Functional description
 * on the inquiry  API, the new interface will act has a filtering mechanism. Pagination unfortunately will break as the filtering mechanism happens outside of sql commands. A reasonable option is to redact all data for the filtered entities
 * on the publish API, the new interface will allow non-owner/publishers to have access to publish if the permission is granted
 * on the jUDDI API, we'll need some new APIs for crud operations for permissions sets

this will also effectively resolve JUDDI-789 too.

> Access Control Enhancements
> ---------------------------
>
>                 Key: JUDDI-558
>                 URL: https://issues.apache.org/jira/browse/JUDDI-558
>             Project: jUDDI
>          Issue Type: Improvement
>          Components: core
>            Reporter: Alex O'Ree
>            Assignee: Alex O'Ree
>            Priority: Major
>             Fix For: 3.4
>
>         Attachments: UDDI Access Control Proposal.pdf, access control enhancements incomplete.patch
>
>
> Implementation of revised access control mechanism that enables basic CRUD access control lists on a per business, per service basis with inheritable controls from a parent object



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)