OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

sca-policy message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Fw: [sca-policy-comment] ISSUE-90: Fine-grained authorization

http://www.osoa.org/jira/browse/POLICY-90

Dave Booz
STSM, BPM and SCA Architecture
Co-Chair OASIS SCA-Policy TC and SCA-J TC
"Distributed objects first, then world hunger"
Poughkeepsie, NY (845)-435-6093 or 8-295-6093
e-mail:booz@us.ibm.com
----- Forwarded by David Booz/Poughkeepsie/IBM on 06/23/2009 08:21 PM -----


From:
ashok malhotra <ashok.malhotra@oracle.com>

To:
OASIS Policy <sca-policy-comment@lists.oasis-open.org>

Date:
06/19/2009 09:25 AM

Subject:
[sca-policy-comment] Fine-grained authorization




Section 7.3 of the spec describes the 'authorization' intent.  This
qualifiable intent has but a single qualifier: fineGrain
and this qualifier is the default.

What this means is that if an implementer specifies the 'authorization'
intent he will get 'authorization.fineGrain'.
This does not seem right as 'fineGrain' describes a specific type of
authorization and one that some feel is overly complex.
In light of this, we have two recommendations.

1. Remove the 'fineGrain' qualifier described in the final paragraph of
section 7.3 and 7.3.1.
2. Do some more thinking about the various styles of qualifier we may
want to support for 'authorization' and
introduce these in a subsequent version of the spec.

If we leave the 'authorization' intent unqualified the deployer is free
to use any style of authorization he wants including fineGrain.
--
All the best, Ashok

--
This publicly archived list offers a means to provide input to the
OASIS Service Component Architecture / Policy (SCA-Policy) TC.

In order to verify user consent to the Feedback License terms and
to minimize spam in the list archive, subscription is required
before posting.

Subscribe: sca-policy-comment-subscribe@lists.oasis-open.org
Unsubscribe: sca-policy-comment-unsubscribe@lists.oasis-open.org
List help: sca-policy-comment-help@lists.oasis-open.org
List archive: http://lists.oasis-open.org/archives/sca-policy-comment/
Feedback License: http://www.oasis-open.org/who/ipr/feedback_license.pdf
List Guidelines: http://www.oasis-open.org/maillists/guidelines.php
Committee: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=sca-policy
Join OASIS: http://www.oasis-open.org/join/


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]