OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wsrp-wsia message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: Re: [wsrp-wsia] [change request #7] User identity (authenticated) forpersonalization



I'm not sure we need that.
section 6.10.1 says that producers may not sopport user categories so this
is the first part of your sentence.
The second part is surely true, but I think we don't need to mention it.
Such definitions belong to WS-Policy (declaration of required security
tokens) and WS-Security (transporting and veryfying these).


Mit freundlichen Gruessen / best regards,

        Richard Jacob
______________________________________________________
IBM Lab Boeblingen, Germany
Dept.8288, WebSphere Portal Server Development
Phone: ++49 7031 16-3469  -  Fax: ++49 7031 16-4888
Email: mailto:richard.jacob@de.ibm.com


|---------+---------------------------->
|         |           Rich             |
|         |           Thompson/Watson/I|
|         |           BM@IBMUS         |
|         |                            |
|         |           01/20/2003 05:02 |
|         |           PM               |
|---------+---------------------------->
  >--------------------------------------------------------------------------------------------------------------------------------------------------|
  |                                                                                                                                                  |
  |       To:       wsrp-wsia@lists.oasis-open.org                                                                                                   |
  |       cc:                                                                                                                                        |
  |       Subject:  [wsrp-wsia] [change request #7] User identity (authenticated) for personalization                                                |
  >--------------------------------------------------------------------------------------------------------------------------------------------------|




Document: WSRP Spec v0.9
Section: 6.10
Page/Line: 48/36-42
Requested by: Subbu Allamaraju
Old text:
Proposed text:
[addition] Sophisticated producers may completely ignore user categories
and instead rely on authenticated user and/or consumer identity for
personalization of behavior and/or markup.

Reasoning:

Sophisticated producer-consumer implementations may choose to propagate
authenticated end user security context using some (unspecified)
security mechanism. With such a security mechanism in place, a producer
may choose to use the authenticated principal and roles for
personalization in place of userContextID and userCategories.

I suggest that this section mention this possibility. This would also
address sophisticated implementations that rely only on authenticated
user identity and roles for personalization.



----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://lists.oasis-open.org/ob/adm.pl>





[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC