You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@syncope.apache.org by Fabio Martelli <fa...@gmail.com> on 2013/01/03 16:35:05 UTC

Re: R: R: Differences about simple and global password and account policies

Il giorno 14/dic/2012, alle ore 16.58, Denis Signoretto ha scritto:

> Hi Fabio,
>  
> I personally don't know Apache Wicket but I would.
> Let me check the code, I'll let you know ASAP.
>  
> About creation of new Policies in Configuration Tabs,
> do you think we need another issue to avoid creation of a new Global Policy?

Hi Denis, 
sorry for the delay.

I think we can leave the core to check for Global Policy creation validation.
I have some time to spend to close this issue. I'm going to fix it.

Please, let me have your feedback after the commit.

Regards,
F.

>  
> Bye,
> Denis
> -----Messaggio originale-----
> Da: Fabio Martelli [mailto:fabio.martelli@gmail.com]
> Inviato: venerdì 14 dicembre 2012 16:44
> A: user@syncope.apache.org
> Oggetto: Re: R: Differences about simple and global password and account policies
> 
> Hi Denis,
> I've seen your issue.
> If you are a bit able with Apache Wicket, why don't you try to provide a patch for the branch?
> 
> Best regards,
> F.
> 
> Il giorno 14/dic/2012, alle ore 16.30, Denis Signoretto ha scritto:
> 
>>  
>> -----Messaggio originale-----
>> Da: Fabio Martelli [mailto:fabio.martelli@gmail.com]
>> Inviato: venerdì 14 dicembre 2012 16:26
>> A: user@syncope.apache.org
>> Oggetto: Re: Differences about simple and global password and account policies
>> 
>> 
>> Il giorno 14/dic/2012, alle ore 16.08, Denis Signoretto ha scritto:
>> 
>>> Hi Syncopers,
>>>  
>>> I just read documentation about policies [1] and I need to clarify myself the difference between
>>> "Global" and "Simple" policy and the best way to define and use it.
>>>  
>>> After some trials, I can guess that "Global policy" it's unique and applied both to Syncope and to all resources associated with a user. It's right?
>>>  
>>> If 'm right, I'm wondering if going to "Resource > Security" Tab
>>> it would be better to hide the Global Password Policy in the selection list.
>> 
>> Hi Denis,
>> "Global" policy will be applied always (simply because it exists).
>> "Simple" policy will be applied if specified explicitly. Think about a password policy associated to a certain resource: it will be evaluated and enforced if and only if the user has that resource.
>> 
>> Probably you are right. The Global policy shouldn't be specifiable for resource or roles. 
>>  
>> and moreover cannot be created new one. Do you agree?
>> 
>> Can you take care to open a new issue for this? 
>>  
>> Yes!
>>  
>> What do you think about to integrate this simple info in the wiki documantation [1] ?
>> 
>> Regards,
>> F.
>> 
>>>  
>>> Thanks,
>>> Denis.
>>>  
>>>  
>>> [1] https://cwiki.apache.org/confluence/display/SYNCOPE/Policies
>>> 
>>> 
>>> Denis Signoretto | Senior Project Manager
>>> 
>>> Intesys - Via Roveggia 122 A - 37136 Verona 
>>> Tel. 045 503663 | Fax 045 503604
>>> denis.signoretto@intesys.it
>>> www.intesys.it
>>> Le informazioni contenute nella presente e-mail e nei suoi allegati potrebbero essere confidenziali/riservate e sono dirette unicamente ai destinatari sopra indicati. In caso di ricezione da parte di persona diversa è vietato qualunque tipo di divulgazione o copia anche parziale. Chi riceva questo messaggio per errore è pregato di inoltrarlo al mittente e di cancellare questa e-mail.
>>> 
>>> This e-mail and its attachments may contain confidential/reserved information and is intended only for the use of the address(es) named above. If the reader of this message is not the intended recipient of this message, please note that distribution or copying of this communication is forbidden. Anyone who receives this communication in error should return it immediately to the sender and delete the message.
>>>  
>> 
>

R: R: R: Differences about simple and global password and account policies

Posted by Denis Signoretto <de...@intesys.it>.
Hi Fabio,
 
Don't mind, at the moment I didn't find time to carry on this issue.
I agree with you leaving the core to check policy vvalidation.
 
I'll leave eventual feedback on jira issue [1].
 
Regards,
Denis.
 
[1] https://issues.apache.org/jira/browse/SYNCOPE-255

-----Messaggio originale-----
Da: Fabio Martelli [mailto:fabio.martelli@gmail.com]
Inviato: giovedì 3 gennaio 2013 16:35
A: user@syncope.apache.org
Oggetto: Re: R: R: Differences about simple and global password and account policies



Il giorno 14/dic/2012, alle ore 16.58, Denis Signoretto ha scritto:


Hi Fabio,
 
I personally don't know Apache Wicket but I would.
Let me check the code, I'll let you know ASAP.
 
About creation of new Policies in Configuration Tabs, 
do you think we need another issue to avoid creation of a new Global Policy?


Hi Denis, 
sorry for the delay.

I think we can leave the core to check for Global Policy creation validation.
I have some time to spend to close this issue. I'm going to fix it.

Please, let me have your feedback after the commit.

Regards,
F.


 
Bye,
Denis

-----Messaggio originale-----
Da: Fabio Martelli [mailto:fabio.martelli@gmail.com]
Inviato: venerdì 14 dicembre 2012 16:44
A: user@syncope.apache.org
Oggetto: Re: R: Differences about simple and global password and account policies


Hi Denis, 
I've seen your issue.
If you are a bit able with Apache Wicket, why don't you try to provide a patch for the branch?

Best regards,
F.

Il giorno 14/dic/2012, alle ore 16.30, Denis Signoretto ha scritto:


 

-----Messaggio originale-----
Da: Fabio Martelli [mailto:fabio.martelli@gmail.com]
Inviato: venerdì 14 dicembre 2012 16:26
A: user@syncope.apache.org
Oggetto: Re: Differences about simple and global password and account policies



Il giorno 14/dic/2012, alle ore 16.08, Denis Signoretto ha scritto:


Hi Syncopers,
 
I just read documentation about policies [1] and I need to clarify myself the difference between
"Global" and "Simple" policy and the best way to define and use it.
 
After some trials, I can guess that "Global policy" it's unique and applied both to Syncope and to all resources associated with a user. It's right?
 
If 'm right, I'm wondering if going to "Resource > Security" Tab
it would be better to hide the Global Password Policy in the selection list.


Hi Denis,
"Global" policy will be applied always (simply because it exists).
"Simple" policy will be applied if specified explicitly. Think about a password policy associated to a certain resource: it will be evaluated and enforced if and only if the user has that resource.


Probably you are right. The Global policy shouldn't be specifiable for resource or roles. 
 
and moreover cannot be created new one. Do you agree?


Can you take care to open a new issue for this? 
 
Yes! 
 
What do you think about to integrate this simple info in the wiki documantation [1] ?

Regards,
F.


 
Thanks,
Denis.
 
 
[1] https://cwiki.apache.org/confluence/display/SYNCOPE/Policies

  <http://www.intesys.it/firme/logo_intesys.jpg> 

Denis Signoretto | Senior Project Manager

Intesys - Via Roveggia 122 A - 37136 Verona 
Tel. 045 503663 | Fax 045 503604
denis.signoretto@intesys.it
www.intesys.it <http://www.intesys.it/>  

Le informazioni contenute nella presente e-mail e nei suoi allegati potrebbero essere confidenziali/riservate e sono dirette unicamente ai destinatari sopra indicati. In caso di ricezione da parte di persona diversa è vietato qualunque tipo di divulgazione o copia anche parziale. Chi riceva questo messaggio per errore è pregato di inoltrarlo al mittente e di cancellare questa e-mail. 

This e-mail and its attachments may contain confidential/reserved information and is intended only for the use of the address(es) named above. If the reader of this message is not the intended recipient of this message, please note that distribution or copying of this communication is forbidden. Anyone who receives this communication in error should return it immediately to the sender and delete the message.