You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
« Previous
Version 3
Next »
Required Features for first release
Vocabulary
- Simple, intuitive, well documented vocabulary for controlling Read, Create, Edit and Delete for Collections, Objects, and Datastreams
- Assign permissions by User or by Group, regardless of where user attributes are coming from (ie. LDAP, Shibboleth, OpenId, CAS, etc.)
Authentication (AuthN)
- Support surrogate authentication and document how to do it
- Support LDAP
- Support Shibboleth, Tomcat-Users
Policy Manager / Authorization (AuthZ)
- Allow repository managers to find out what policies apply to a given Object, Datastream, or Collection
- Use servlet filters to enforce access controls
General
- Keep the implementation stable & current
- Bundle solution with Fedora and include it in the installer
- Audit the Implementation for potential security flaws
- Support community innovation & allow people to completely replace the whole thing if they wish
Desires (not required for first release)
- Support OpenID & OpenAuth
- Support Single Sign-on (SSO) - must be pluggable/overridable
- Allow for Custom AuthN