Menu
▾
▴
Re: [Exist-development] security refactoring
|
From: Adam R. <ad...@ex...> - 2010-07-21 21:04:34
|
> - 'system account' (id = 0, dba group), it will be use by system only. > It will be useful as owner of the /system resources, so it will be never > modified by anybody, only by system it self (throw special functions); fine :-) > - 'nobody' (id = -1, guest group), the use didn't offer himself. This > account can't be used as resource owner. How is this any different to the current 'guest' user? > Next in my plan (next two weeks): > > - change the major version number of the security subsystem; > > - add collection /system/security, it will be use for setting, accounts > and roles information; > > - use collections: /system/security/( internal, openid, ldap, > activeDirectory) & etc, one per realm, other words each realm will have > separate collection. > > - each realm's collection will have subcollection: role (or should I > use 'group' as name?), user & file: settings.xml (I'll implement runtime > reconfiguration) > > - each group or user will be at single file. > > (I will put converter to transform old structure to new one) > > Any comments? > > -- > Cheers, > > Dmitriy Shabanov > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Sprint > What will you do first with EVO, the first 4G phone? > Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first > _______________________________________________ > Exist-development mailing list > Exi...@li... > https://lists.sourceforge.net/lists/listinfo/exist-development > > -- Adam Retter eXist Developer { United Kingdom } ad...@ex... irc://irc.freenode.net/existdb |
