[Cosmo-dev] Re: [Scooby-dev] Cosmo/Scooby Merge (Please read and comment)

[Brian Moseley]

On 7/17/06, Charles Mattair <cmattair at simdeskcorp.com> wrote:
> Speaking as someone who hopes to use cosmo in an enterprise situation,
> someone - be it OSAF or us - will have to develop this.
>
> As I suspect others will also demand this capability, it would be better
> if OSAF laid in the foundation and left it to us to handle the user
> creation/instantion process from our own local DBs.

there are several related concepts here:

1) adding acls to the security model
2) exposing principals and acls via webdav (and potentially atom)
3) delegating authentication, authorization, and/or storage of
principals and acls to external services

obviously #1 has to be in place before we can proceed with #2 or #3. i
expect that once the hibernate work is complete, assuming we accept it
into the project, adding acls will be relatively easy, given that
acegi security has provided most of the infrastructure already., and i
expect that we should be able to do that.

building the other features will probably not be a priority for osaf
in the next few months. however, there's a jcr-server patch being
worked on by angela (the jcr-server owner) that adds webdav acl
support, which hopefully means that the work for us reduces to some
integration with our security model.

the hardest feature will be delegation. we'll need some more explicit
requirements before we can say anything interesting about it.