Required Features for first release

Vocabulary

  • Simple, intuitive, well documented vocabulary for controlling Read, Create, Edit and Delete for Collections, Objects, and Datastreams 
  • Assign permissions by User or by Group, regardless of where user attributes are coming from (e.g. LDAP, Shibboleth, OpenID, CAS)

Authentication (AuthN)

  • Support surrogate authentication and document how to do it
  • Support LDAP
  • Support Shibboleth, Tomcat-Users

Policy Manager / Authorization (AuthZ)

  • Allow repository managers to find out what policies apply to a given Object, Datastream, or Collection
  • Use servlet filters to enforce access controls

General

  • Keep the implementation stable & current 
  • Bundle solution with Fedora and include it in the installer
  • Audit the implementation for potential security flaws
  • Support community innovation & allow people to completely replace the whole thing if they wish

Desires (not required for first release)

  • Support OpenID & OpenAuth
  • Support Single Sign-on (SSO) - must be pluggable/overridable
  • Allow for Custom AuthN