[security-dev] Authorization constructs in PicketLink3

Anil Saldhana Anil.Saldhana at redhat.com
Thu May 2 10:38:40 EDT 2013


We have to remember the permission model work using IDM.

I wonder if this filter can use pluggable authorization mechanisms, then 
maybe the perfect start.

On 05/02/2013 09:36 AM, Pedro Igor Silva wrote:
> I was looking at the org.picketlink.authentication.web.AuthenticationFilter. This class resides on core-api and we did it given some input from AG for DIGEST and BASIC authentication.
>
> Wondering if the authz filter we did for TIMO does not fit in the same case.
>
> ----- Original Message -----
> From: "Anil Saldhana" <Anil.Saldhana at redhat.com>
> To: security-dev at lists.jboss.org
> Sent: Tuesday, April 30, 2013 11:42:25 AM
> Subject: [security-dev] Authorization constructs in PicketLink3
>
> Shane/Pedro - we should start discussing the constructs for
> authorization in PL3.  We have a few options on the table. We need to
> figure out what we need such that for PL3 users, we have some options.
> Lets use this thread to figure out the various options/strategies.


More information about the security-dev mailing list