From: Marty K. <mrk...@co...> - 2010-02-11 20:37:08
|
I made changes to replace role by access security level. I comitted to org.epics.pvData.accessSecurity. I also added two new files: AccessSecurityLevel.java and AccessSecurityLevelFactory.java. These are a way to associate names with level. I made the default set of names: "internal","configuration","calibration","runtime". Thus unknown is gone. I did this so the default level is internal. If default is unknown then it will be necessary to specifically define an access security level for every field of every record instance. Also I did not do anything about: > I was asking in another mail if we should provide a plugin possibility > to use an external service for authZ (e.g. user/group relations being > kept in LDAP instead of explicitly configured in the AS XML). > Do we have more comments or an agreement on that? > > > How does this change syntax? Marty |