Sorry for the late response... If we are trying to create an isolated environment here - can't we do the same by having a container per security circle - so we do not have to do anything at the code level (basically, we treat the security circle as a tenant)
Are there anything shared between the security circles...or overlaps between security circles..? It would be great if you can model this with a diagram.... Thanks & regards, -Prabath On Sun, Oct 16, 2016 at 1:07 AM, Ishara Karunarathna <isha...@wso2.com> wrote: > Hi All, > > With the current IS implementation We have individual SP configurations > and we associate authentication chains, claim, provisioning configurations > etc.. to that service provider configuration. > As a improvement to this we can group these configurations lets say a > security circle. > > For a security circle [SC]. > We can configure set of service providers within a SC. > Associate Userstores to that SC > Define Authentication chain, Provision config etc.. > Configre Administration policies Ex: only users in wso2admin can manage > the wso2 security circle. > Group authorization policies belong to this circle. > Once we configure those it will be applicable to all service providers and > can override with SP level configurations. > We can have different login sessions to each circle. > > How can we use this. > Achieve Enterprise SaaS application use case discussed in [1] > No need to configure same configurations in each SP level can inherit from > SC configurations. > Since we are going with container base Multi tenancy in C5, If a user does > not like, that can be handle with this security circle. > > Thanks, > Ishara > [1] "[C5 IS] Multi-tenancy in C5 based IS" > > -- > Ishara Karunarathna > Associate Technical Lead > WSO2 Inc. - lean . enterprise . middleware | wso2.com > > email: isha...@wso2.com, blog: isharaaruna.blogspot.com, mobile: > +94717996791 > > > -- Thanks & Regards, Prabath Twitter : @prabath LinkedIn : http://www.linkedin.com/in/prabathsiriwardena Mobile : +1 650 625 7950 http://facilelogin.com
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
