Hydra does not rely on Fedora 3's AuthN/Z capabilities, but rather stores it access policy on the "rightsMetadata" datastream of Fedora objects. The handling of access controls is then managed at the application level above Fedora.
The intent of this document is twofold:
- To clearly record how Hydra is currently designed to manage user access to resources across:
- Fedora REST API
- Fedora Resource Index
- Repository Search
- To describe how Hydra could potentially leverage the nascent Fedora 4 AuthN/Z framework
Hydra AuthN/Z Design
Fedora REST API
Fedora Resource Index
Repository Search
Hydra and Fedora 4
The potential delegation of AuthN/Z responsibility from Hydra to Fedora 4 is captured in the following use cases.
Title (Goal) | |
---|---|
Primary Actor | |
Scope | |
Level | |
Story (A paragraph or two describing what happens) |