...
Time | Item | Who | Notes |
---|---|---|---|
5min | Overview, review goals & wiki page | Greg | |
5min | Review AuthZ delegate api | Mike | |
5min | XACML Policies and JBoss PDP | Greg | |
20min | Identify some XACML implementation alternatives | All | Starting out we favor an internal PDP (configured as a bean within the webapp). The code can be in a separate project.
|
15min | Role inheritance/persistence (Hydra rights, rbacl, XACML etc..) | Greg | |
15min | What can we do in this sprint? | All |
Action Items
- Kevin S. Clarke Investigate what data is available on incoming authz requests for newly created objects, i.e. in Session
- Do we have enough information via the Path parameter to determine access for metadata? (Implementation-specific identification of readable metadata)
- Eric James Identify trade-offs for different acl persistence strategies.
...