...
| Answer | Submitted by |
|---|
| Yes. By default, no restrictions will be enforced. | David Wilcox |
| Yes. No restrictions enforced. Capturing the event's source (or agent) to distinguish between internal/imported. | Ralf Claussnitzer | | |
| | |
For event tracking, where is the user principal expected to come from?
| Answer | Submitted by |
|---|
| Fedora will use servlet-request#getUserPrincipal to get the principal. This means that applications will need to pass user principals to Fedora in order for them to be recognized by the audit service. | David Wilcox |
| User Principle applies if no other principal is provided. Problem with entities other than users ("frontendServer1"?). Providing "On-Behalf-Of" mechanism (SWORD Authentication and Mediated Deposit) might help. | Ralf Claussnitzer | | |
| | |
How will user principals be mapped to persistent user identifiers?
This is related to the previous question, and need not be resolved as quickly as the other questions.
| Answer | Submitted by |
|---|
| I suggest Fedora internal PUIDs bound to the Authentication System. | Ralf Claussnitzer | | |
| | |
| | |