[Cosmo-dev] Thoughts on sharing
Brian Moseley
bcm at osafoundation.org
Wed Jul 12 10:08:34 PDT 2006
On 7/12/06, Kervin L. Pierre <kervin at adevsoft.com> wrote:
> I hope Cosmo relegates as much of the
> Authentication layer as possible behind an
> API like JAAS/JNDI maybe, using a fine grain
> ACL scheme internally ( maybe something that
> resembles POSIX ACLs? ).
there will definitely be an api, but it probably won't be jaas, which
i regard as overcomplicated at best. the api will probably be acegi
security or a facade over it.
> Probably the 'finest grain' permissions
> may have to be implemented internally and
> the courser permission schemes mapped
> over that I think.
>
> Issues like "Everyone in engineering
> except for Bob" is allowed to modify this
> calendar is doable using UNIX permissions
> but hard to administer. With ACLs it
> would be 2 rules. Add engineering, minus
> Bob.
agree.
More information about the cosmo-dev
mailing list