Hi folks, I am currently working on the $subject for EMM 1.1.0 release. EMM 1.0.0 used the default jaggery carbon module and internal user and group modules to solve the UM aspect. Below are some of the issues we have -
- Coupling to the email - Roles creation is ambiguous (for example not write access to the User store) - User creation (no write access to User store) - Not supporting secondary User store - XACML usage The new UserModule aims to solve the above problems. There will be a config file that has configs whether to enable internal role and user creation. If enabled and write access is not provided - we create users and roles internally. If disabled we will remove those elements from UI and disable operations from the API. The new UserModule will always pass the carbon user object [1]. All the static operations that will be used will be under the UserModule. The new UserModule will remove XACML for permission. Even though we used XACML for permissions on operations in the last version (1.0.0) we didn't see a real advantage of it for the features we had. For 1.1.0 we discussed to remove XACML and use a database table to handle permissions for roles. However -we'll be incorporating XACML in the future releases (1.2.0 perhaps) and will be giving the real advantage of it (eg:- time based permissions, write your own XACML in EMM UI). Cheers~ [1] - https://github.com/wso2/jaggery-extensions/blob/master/carbon/module/scripts/user/user.js -- Chan (Dulitha Wijewantha) Software Engineer - Mobile Development WSO2Mobile Lean.Enterprise.Mobileware * ~Email duli...@wso2.com <duli...@wso2mobile.com>* * ~Mobile +94712112165* * ~Website dulitha.me <http://dulitha.me>* * ~Twitter @dulitharw <https://twitter.com/dulitharw>* *~Github @dulichan <https://github.com/dulichan>* *~SO @chan <http://stackoverflow.com/users/813471/chan>*
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
