Project

General

Profile

Story #725

Create Authentication and Access control design specifications

Added by Chad Berkley over 13 years ago. Updated over 6 years ago.

Status:
In Progress
Priority:
Normal
Assignee:
Dave Vieglais
Category:
Documentation
Target version:
Maintenance Backlog
Start date:
2014-10-01
Due date:
2014-10-01
% Done:

30%

Estimated time:
(Total: 1.00 h)
Story Points:
Sprint:
Infrastructure backlog

Description

The metacat CrudService class contains methods for authentication and access control changes that are not part of the original D1 Crud specification. These services need to be decided on at a higher level and described in the specification so that they can be made to work with any D1 node, not just metacat.

Subtasks

Task #1536: resolve differences in listPrincipals() and getPrincipalInfo()ClosedBen Leinfelder

Task #1529: rename newAccount() to registerAccount()ClosedMatthew Jones

Task #1528: Add updateAccount() method allowing for changes in account attributesClosedBen Leinfelder

Task #1527: Allow AccessPolicy to be set for groupsNewMatthew Jones

Task #1502: Fix hierarchy of permission levels.NewMatthew Jones

Task #1494: Create sequence diagrams for Authentication services.NewMatthew Jones

Task #1493: Create sequence diagrams for Identity Management functions.ClosedBen Leinfelder

Task #1485: Clean up authn requirements listingNewMatthew Jones

Task #1484: Decide on format for PrincipalsNewMatthew Jones

Task #1483: getAuthSession only accessible to MNs and CNSRejectedMatthew Jones

Task #1496: Create SAML module in design docs for Assertion classRejectedMatthew Jones

Task #1482: Design mechanism to collapse two accounts into oneNewMatthew Jones

Task #1481: Clarify spec that groups can own objectsNewMatthew Jones

Task #1474: Design verification process for new accountsNewMatthew Jones

Task #1473: Make default access policy explicit in Authz docs.NewMatthew Jones

Task #1472: Explain revocation policies via MN curator.NewMatthew Jones

Task #1471: Define implicit curator role at Member Nodes.NewMatthew Jones

Task #1466: Evaluate GrouperClosedMatthew Jones

Task #1047: Write Authentication system specificationIn ProgressMatthew Jones

Task #1048: Write authorization system specificationIn ProgressMatthew Jones

Task #1061: Identify approach to IdentityMappingIn ProgressMatthew Jones

Task #1467: Complete d1_schema changes for Authz and Authn.In ProgressMatthew Jones

Task #1470: Add API Authn method for listing users and groups.ClosedMatthew Jones

Task #1468: Define AuthSession fields in Types.txtClosedMatthew Jones

Task #1049: Adapt, adopt, or design Authorization rules syntaxClosedMatthew Jones

Task #1159: Add description of Group creation and management to design specs.In ProgressMatthew Jones

Task #1469: Add API definitions for Authentication.ClosedMatthew Jones

Task #1062: organize and categorize authz and authn requirementsClosedMatthew Jones

Task #1060: Resolve design decisions about location of the Authorization operations (CN vs MN)ClosedMatthew Jones

Task #1073: Design client application authentication redirection approach NewMatthew Jones

Task #1535: Add VerifiedUser symbolic principal to designClosedBen Leinfelder

Task #1573: Create and use Types.Session with authentication-related interfacesClosedMatthew Jones

Task #1743: Define the Public User subject.ClosedBen Leinfelder

Task #2281: Possibly update the Identity Management and Authenticated Session Management docNewMatthew Jones

Task #2664: Create documentation for how transitivity is enacted for authorizationNewMatthew Jones

Related issues

Related to Infrastructure - Story #2643: Finalize architecture docs for release Closed 2012-04-25 2014-09-24
Related to Infrastructure - Task #2688: Develop guidelines for how Subject entries are handled - creation, normalization, comparison New 2012-05-02 2013-03-16
Related to Infrastructure - Story #2830: Finalize documentation for availability at release Rejected 2012-05-30

History

#1 Updated by Chad Berkley over 13 years ago

See the TODO's in CrudService.authenticate() and CrudService.setAccess()

#2 Updated by Dave Vieglais over 13 years ago

  • Start date set to 2010-10-06
  • Milestone set to CCI-0.7
  • Tracker changed from Task to Story

#3 Updated by Dave Vieglais over 13 years ago

  • Target version set to Sprint-2010.45
  • Position changed from 1 to 60
  • Position set to 1

#4 Updated by Dave Vieglais over 13 years ago

  • Position set to 1
  • Position deleted (72)
  • Target version changed from Sprint-2010.45 to Sprint-2010.46

#5 Updated by Dave Vieglais over 13 years ago

  • Position set to 2
  • Position deleted (15)
  • Target version changed from Sprint-2010.46 to Sprint-2010.47

#6 Updated by Matthew Jones over 13 years ago

  • Target version changed from Sprint-2010.47 to Sprint-2010.48
  • Position set to 5
  • Position deleted (13)

#7 Updated by Dave Vieglais over 13 years ago

  • Position deleted (41)
  • Position set to 8
  • Target version changed from Sprint-2010.48 to Sprint-2010.50

#8 Updated by Matthew Jones over 13 years ago

  • Status changed from New to In Progress

#9 Updated by Dave Vieglais over 13 years ago

  • Target version changed from Sprint-2010.50 to Sprint-2011.01

#10 Updated by Dave Vieglais over 13 years ago

  • Position set to 25
  • Position deleted (17)
  • Target version changed from Sprint-2011.01 to Sprint-2011.02

#11 Updated by Dave Vieglais over 13 years ago

  • Position set to 47
  • Target version changed from Sprint-2011.02 to Sprint-2011.03
  • Position deleted (29)

#12 Updated by Dave Vieglais about 13 years ago

  • Position set to 1
  • Target version changed from Sprint-2011.03 to Sprint-2011.05
  • Position deleted (51)

#13 Updated by Dave Vieglais about 13 years ago

  • Position set to 13
  • Target version changed from Sprint-2011.05 to Sprint-2011.09-Block.2
  • Position deleted (23)

#14 Updated by Dave Vieglais about 13 years ago

  • Position deleted (63)
  • Target version changed from Sprint-2011.09-Block.2 to Sprint-2011.10-Block.2
  • Position set to 6

#15 Updated by Matthew Jones about 13 years ago

  • Position deleted (17)
  • Target version changed from Sprint-2011.10-Block.2 to Sprint-2011.11-Block.2
  • Position set to 6

#16 Updated by Dave Vieglais about 13 years ago

  • Position deleted (20)
  • Target version changed from Sprint-2011.11-Block.2 to Sprint-2011.12-Block.2
  • Position set to 6

#17 Updated by Dave Vieglais about 13 years ago

  • Position set to 4
  • Position deleted (12)
  • Target version changed from Sprint-2011.12-Block.2 to Sprint-2011.13-Block.2

#18 Updated by Matthew Jones about 13 years ago

  • Position set to 1
  • Position deleted (6)
  • Target version changed from Sprint-2011.13-Block.2 to Sprint-2011.14-Block.2

#19 Updated by Matthew Jones about 13 years ago

  • Subject changed from Authentication and Access control need D1 Specs to Create Authentication and Access control design specifications
  • Assignee changed from Dave Vieglais to Matthew Jones
  • Milestone changed from CCI-0.7 to 2011-Block-2

#20 Updated by Dave Vieglais about 13 years ago

  • Position deleted (27)
  • Position set to 22
  • Target version changed from Sprint-2011.14-Block.2 to Sprint-2011.15-Block.2

#21 Updated by Matthew Jones about 13 years ago

  • Position deleted (26)
  • Position set to 1
  • Target version changed from Sprint-2011.15-Block.2 to Sprint-2011.17-Block.3

#22 Updated by Matthew Jones almost 13 years ago

  • Position deleted (28)
  • Position set to 10
  • Target version changed from Sprint-2011.17-Block.3 to Sprint-2011.18-Block.3

#23 Updated by Matthew Jones almost 13 years ago

  • Position set to 1
  • Target version changed from Sprint-2011.18-Block.3 to Sprint-2011.19-Block.3
  • Position deleted (12)

#24 Updated by Dave Vieglais almost 13 years ago

  • Position deleted (2)
  • Position set to 1
  • Target version changed from Sprint-2011.19-Block.3 to Sprint-2011.20-Block.3

#25 Updated by Dave Vieglais almost 13 years ago

  • Position deleted (9)
  • Position set to 4
  • Target version changed from Sprint-2011.20-Block.3 to Sprint-2011.21-Block.3

#26 Updated by Dave Vieglais almost 13 years ago

  • Position set to 10
  • Target version changed from Sprint-2011.21-Block.3 to Sprint-2011.22-Block.3
  • Position deleted (26)

#27 Updated by Dave Vieglais almost 13 years ago

  • Target version changed from Sprint-2011.22-Block.3 to Sprint-2011.23-Block.3
  • Position deleted (11)
  • Position set to 1

#28 Updated by Dave Vieglais almost 13 years ago

  • Target version changed from Sprint-2011.23-Block.3 to Sprint-2011.26-Block.4
  • Position deleted (6)
  • Position set to 4

#29 Updated by Dave Vieglais over 12 years ago

  • Target version deleted (Sprint-2011.26-Block.4)
  • Position deleted (24)
  • Position set to 1

#30 Updated by Dave Vieglais over 12 years ago

  • Position deleted (27)
  • Position set to 13

#31 Updated by Dave Vieglais over 12 years ago

  • Position deleted (106)
  • Position set to 1

#32 Updated by Dave Vieglais about 12 years ago

  • Target version set to Sprint-2012.07-Block.1.4
  • Position set to 1
  • Position deleted (73)

#33 Updated by Dave Vieglais about 12 years ago

  • Target version changed from Sprint-2012.07-Block.1.4 to Sprint-2012.09-Block.2.1
  • Position set to 1
  • Position deleted (12)

#34 Updated by Dave Vieglais about 12 years ago

  • Position set to 26
  • Target version changed from Sprint-2012.09-Block.2.1 to Sprint-2012.11-Block.2.2
  • Position deleted (53)

#35 Updated by Matthew Jones about 12 years ago

  • Position set to 24
  • Position deleted (30)
  • Target version changed from Sprint-2012.11-Block.2.2 to Sprint-2012.13-Block.2.3

#36 Updated by Dave Vieglais about 12 years ago

  • Position changed from 1 to 425
  • Target version changed from Sprint-2012.13-Block.2.3 to Sprint-2012.19-Block.3.2
  • Position deleted (38)
  • Position set to 1

#37 Updated by Dave Vieglais almost 12 years ago

  • Target version changed from Sprint-2012.19-Block.3.2 to Sprint-2012.23-Block.3.4
  • Position set to 1
  • Position deleted (437)

#38 Updated by Matthew Jones almost 12 years ago

  • Position set to 1
  • Target version changed from Sprint-2012.23-Block.3.4 to Sprint-2012.25-Block.4.1
  • Position deleted (7)

#39 Updated by Dave Vieglais almost 12 years ago

  • Target version changed from Sprint-2012.25-Block.4.1 to Sprint-2012.29-Block.4.3
  • Milestone changed from 2011-Block-2 to None

#40 Updated by Chris Jones over 11 years ago

  • Target version changed from Sprint-2012.29-Block.4.3 to Sprint-2012.37-Block.5.3

#41 Updated by Dave Vieglais over 11 years ago

  • Target version changed from Sprint-2012.37-Block.5.3 to Sprint-2012.41-Block.6.1
  • Due date set to 2012-10-27

#42 Updated by Dave Vieglais over 11 years ago

  • Target version changed from Sprint-2012.41-Block.6.1 to Sprint-2012.46-Block.6.3
  • Due date changed from 2012-10-27 to 2012-12-01

#43 Updated by Chris Jones over 11 years ago

  • Due date changed from 2012-12-01 to 2013-01-05
  • Target version changed from Sprint-2012.46-Block.6.3 to Sprint-2012.50-Block.6.4

#44 Updated by Chris Jones over 11 years ago

  • Target version changed from Sprint-2012.50-Block.6.4 to 2013.2-Block.1.1
  • Due date changed from 2013-01-05 to 2013-01-19

#45 Updated by Chris Jones about 11 years ago

  • Due date changed from 2013-01-19 to 2013-03-16
  • Target version changed from 2013.2-Block.1.1 to 2013.10-Block.2.1

#46 Updated by Dave Vieglais over 10 years ago

  • Due date changed from 2013-03-16 to 2013-08-24
  • Target version changed from 2013.10-Block.2.1 to 2013.33-Block.4.4

#47 Updated by Chris Jones over 10 years ago

  • Due date changed from 2013-08-24 to 2014-01-18
  • Target version changed from 2013.33-Block.4.4 to 2014.2-Block.1.1

#48 Updated by Chris Jones about 10 years ago

  • Target version deleted (2014.2-Block.1.1)
  • Start date deleted (2010-11-10)
  • Due date deleted (2014-01-18)

#49 Updated by Dave Vieglais over 9 years ago

  • Due date set to 2014-10-01
  • Target version set to Maintenance Backlog
  • Start date set to 2014-10-01

#50 Updated by Dave Vieglais over 6 years ago

  • Sprint set to Infrastructure backlog

#51 Updated by Dave Vieglais over 6 years ago

  • Assignee changed from Matthew Jones to Dave Vieglais

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)