Attendees
General
- Indicates who took minutes -
- ReadyTalk:
- U.S.A/Canada toll free: 866-740-1260, participant code: 2257295
- International toll free:
- http://www.readytalk.com/intl
- Use the above link and input 2257295 and the country you are calling from to get your country's toll-free dial-in number
- Once on the call, enter participant code 2257295
- IRC:
Agenda
- AuthN/Z Design and Use cases
Minutes
Topics
- Transparency in security in REST interface
- Clearly defined extension points, and prioritization
- We are not securing URLs, we are securing objects/datastreams... the model
- Short-term goals
- Persistence should be unified?
Transparency in security in REST interface
- In f3 it is difficult for Islandora to use security
- Desire for something that is easy to use from the API level
- Would like to not have two security layers
- Is there an example that demonstrates these principles?
- Suggestion that security may not be appropriate at the Fedora level
- Interest in the ability to create a responsive UI
- Must render quickly
- Does not mislead the user by providing dead-end buttons
- Would like to introspect objects, or sets of content
- Enforcing security on f4 objects will require multiple calls within the app
- We need to seriously consider performance
- Reflecting on unix and DBs
- You request a resource and get something back or not
- Action: Jonathan, create use cases
Clearly defined extension points, and prioritization
- Want to avoid requiring users to learn new tools
- Need unified, simple, consistent tooling
- Get agreement on what frameworks will be used
We are not securing URLs, we are securing objects/datastreams... the model
- If we secure the model, we are securing the URLs
- Wisc is unable to support securing obfuscated URLs
- The question is, how to do it efficiently
Short-term goals
- PEP can be made effective
- ensure correct response codes
- early work on filtering search/triplestore results
- mock PEP
- First cut, store policies within f4
- Goal
- Three users, three rights: r/w, r-o, no-access
- Two questions
- What permissions does this principal have?
- What can I do?
Persistence should be unified?
- Holding policies close to the content is a matter of durability
Actions