[security-dev] IDM: REST API
bburke at redhat.com
Mon Dec 10 10:15:38 EST 2012
Still doesn't solve a number of things:
In a SOA environment, different "resources" or "services" will have
different roles they publish/allow. So, IMO, there needs to be role
mappings per resource for each user.
For OAuth, "entitlements" might be something that could be used to
authorize one user permission to ask another user to grant specific
roles to act on behalf of that user. But again, as with roles, you're
going to have to have a per-resource mapping for these entitlements.
IMO, we should still come up with our own formats tailored to our
specific use cases, but a lot of SCIM could be used. I'm sure the
format is flexible enough that we can omit or extend metadata as needed.
On 12/7/2012 3:53 PM, Anil Saldhana wrote:
> SCIM is very popular for user provisioning using REST.
> security-dev mailing list
> security-dev at lists.jboss.org
JBoss, a division of Red Hat
More information about the security-dev