[Cosmo-dev] Thoughts on sharing
Kervin L. Pierre
kervin at adevsoft.com
Wed Jul 12 08:19:13 PDT 2006
Hello Group,
I hope Cosmo relegates as much of the
Authentication layer as possible behind an
API like JAAS/JNDI maybe, using a fine grain
ACL scheme internally ( maybe something that
resembles POSIX ACLs? ).
We've already, without trying listed 2 or 3
identity frameworks and 2 permissions schemes.
There will probably be a lot more in the
wild. RADIUS is still big with ISPs, LDAP
with corporations, NIS/NIS+ for the masochists :)
--- Mikeal Rogers <mikeal at osafoundation.org> wrote:
> many cases I think just using traditional
> authentication and honoring
> the permissions would be enough for most of our use
> cases.
Probably the 'finest grain' permissions
may have to be implemented internally and
the courser permission schemes mapped
over that I think.
Issues like "Everyone in engineering
except for Bob" is allowed to modify this
calendar is doable using UNIX permissions
but hard to administer. With ACLs it
would be 2 rules. Add engineering, minus
Bob.
Best regards,
Kervin
More information about the cosmo-dev
mailing list