[security-dev] IDM: REST API

Bill Burke bburke at redhat.com
Mon Dec 10 10:15:38 EST 2012

Still doesn't solve a number of things:

In a SOA environment, different "resources" or "services" will have 
different roles they publish/allow.  So, IMO, there needs to be role 
mappings per resource for each user.

For OAuth, "entitlements" might be something that could be used to 
authorize one user permission to ask another user to grant specific 
roles to act on behalf of that user.  But again, as with roles, you're 
going to have to have a per-resource mapping for these entitlements.

IMO, we should still come up with our own formats tailored to our 
specific use cases, but a lot of SCIM could be used.  I'm sure the 
format is flexible enough that we can omit or extend metadata as needed.

On 12/7/2012 3:53 PM, Anil Saldhana wrote:
> http://www.simplecloud.info/
> SCIM is very popular for user provisioning using REST.
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev

Bill Burke
JBoss, a division of Red Hat

More information about the security-dev mailing list