shibboleth-dev - RE: Access Policy strawman
Subject: Shibboleth Developers
List archive
- From: Scott Cantor <>
- To: 'Noah Levitt' <>, ,
- Cc:
- Subject: RE: Access Policy strawman
- Date: Thu, 03 Jun 2004 18:58:02 -0400
- Organization: The Ohio State University
Another point I'd make that's less centered around static content is that
the usual model for separating authorization out of an application relies on
the authorization system allowing the application to create a set of
abstractions that they can mutually work with to assign policy to, "the
application's objects" if you will.
But a single application (in both a general sense and the specific case of
what I chose to call an application in the target code) usually manages many
such objects and has to have a policy mechanism that reflects this. What
you're suggesting would (I think) align that abstraction with the crude
notion of "service level" that we've worked with, and I don't think they
match.
-- Scott
- Access Policy strawman, Noah Levitt, 06/03/2004
- RE: Access Policy strawman, Scott Cantor, 06/03/2004
- Re: Access Policy strawman, Noah Levitt, 06/03/2004
- RE: Access Policy strawman, Scott Cantor, 06/03/2004
- Re: Access Policy strawman, Noah Levitt, 06/04/2004
- RE: Access Policy strawman, Scott Cantor, 06/04/2004
- Re: Access Policy strawman, Noah Levitt, 06/04/2004
- RE: Access Policy strawman, Scott Cantor, 06/03/2004
- Re: Access Policy strawman, Noah Levitt, 06/04/2004
- RE: Access Policy strawman, Scott Cantor, 06/04/2004
- Re: Access Policy strawman, Thomas Lenggenhager, 06/07/2004
- RE: Access Policy strawman, Scott Cantor, 06/07/2004
- Re: Access Policy strawman, Thomas Lenggenhager, 06/07/2004
- RE: Access Policy strawman, Scott Cantor, 06/04/2004
- Re: Access Policy strawman, Noah Levitt, 06/03/2004
- RE: Access Policy strawman, Scott Cantor, 06/03/2004
- RE: Access Policy strawman, Scott Cantor, 06/03/2004
Archive powered by MHonArc 2.6.16.