This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Page tree
Skip to end of metadata
Go to start of metadata

This page contains topics supporting ongoing discussion at dev@syncope.apache.org.

Tracked as SYNCOPE-1281.

Requirements

Enable Syncope with the ability to define, map and query the rights that users own on external applications.

Design

Introduce two new entities:

  1. Application - with name and optional description
  2. Privilege - with name and optional specification, where specification is a binary field where it is possible to store arbitrary values - for example some descriptive JSON to provide operational information about this privilege: it could be { "method": "POST", "url": "/a/b/c" } and then 3rd party applications can provide their own interpretation

An Application can have zero or more Privileges attached.

Roles can be associated to zero or more Privileges.

 

  • No labels