[security-dev] IDM: REST API
Darran Lofthouse
darran.lofthouse at jboss.com
Mon Dec 10 14:47:18 EST 2012
On 12/10/2012 07:18 PM, Bill Burke wrote:
>
>
> On 12/10/2012 1:47 PM, Darran Lofthouse wrote:
>> On 12/10/2012 06:37 PM, Bill Burke wrote:
>>> * Granting specific access to somebody so they can act on behalf of you
>>> seems like a pretty compelling cross-cutting use case that should be
>>> supported in the model.
>>
>> That is something that is coming up for AS7 as well we are close to the
>> point where we need to define which users can act on the behalf of other
>> users.
>>
>
> (I said this before). In my prototype, i have something like a role
> mapping, but it is a list of roles a user is allowed to ask another user
> to grant for them. This is the change in the meta model I'd need for
> this type of data, otherwise, i'm just hacking the identity model.
In my case I am a little more interested in the case where one user
wants a request to be executed entirely as another user rather than just
roles.
I have however heard some users recently talking about a capability
where users can request roles for a specific time period and another
user can grant that request.
>
>
More information about the security-dev
mailing list