Re: [security-dev] Authorization constructs in PicketLink3
We have to remember the permission model work using IDM.
I wonder if this filter can use pluggable authorization mechanisms, then
maybe the perfect start.
On 05/02/2013 09:36 AM, Pedro Igor Silva wrote:
I was looking at the
org.picketlink.authentication.web.AuthenticationFilter. This class resides on core-api and
we did it given some input from AG for DIGEST and BASIC authentication.
Wondering if the authz filter we did for TIMO does not fit in the same case.
----- Original Message -----
From: "Anil Saldhana" <Anil.Saldhana(a)redhat.com>
To: security-dev(a)lists.jboss.org
Sent: Tuesday, April 30, 2013 11:42:25 AM
Subject: [security-dev] Authorization constructs in PicketLink3
Shane/Pedro - we should start discussing the constructs for
authorization in PL3. We have a few options on the table. We need to
figure out what we need such that for PL3 users, we have some options.
Lets use this thread to figure out the various options/strategies.