Story #725: Create Authentication and Access control design specifications
Complete d1_schema changes for Authz and Authn.
#2 Updated by Matthew Jones over 11 years ago
- Category set to Documentation
- Milestone set to 2011-Block-2
Added new types for Authz and Authn, including AuthToken, AuthSession, Challenge, EncryptedNonce, X509Certificate, Person, Group, Principal, PrincipalList, and others.
Need to review these types with Dave and get feedback. If no comments, then can close this task.
#3 Updated by Dave Vieglais over 11 years ago
Only question is on Types.Permission. The interpretation of a permission is "Permissions are cumulative, in that higher level permissions include all of the priveledges of lower levels (e.g., given write access, one also implicitly has read access)."
This means that execute access implies WRITE and CHANGEPERMISSION access which seems a bit liberal.