[security-dev] Entitlements Concept
Anil Saldhana
Anil.Saldhana at redhat.com
Fri Jan 31 10:40:22 EST 2014
Hi All,
any objections to getting the Entitlements Manager concept into
PicketLink Authorization? That way we cover all based with both Fine
Grained Authorization (Permissions API/Implementation) as well as
download of entitlements.
My previous prototype:
https://docs.jboss.org/author/display/SECURITY/EntitlementsManager
(there are bugs in the test case which I will fix)
While the FGA is what I call the Enforcement Model, the
EntitlementsManager concept is what I call the Entitlement Model.
I am currently writing a specification at OASIS for this:
https://www.oasis-open.org/committees/document.php?document_id=52098&wg_abbrev=cloudauthz
Regards,
Anil
More information about the security-dev
mailing list