Hi all, Following the discussion earlier this year, I'd like to get a better idea of what is required to support privileges in Syncope 2.1.0:
https://lists.apache.org/thread.html/ba605687b7ed742350834a535b67bda8ab15fe56a4bb75c3dc2b98cd@%3Cdev.syncope.apache.org%3E To summarise the problem - right now Roles are associated with Entitlements, which are predefined entities that are only used in terms of access management within Syncope itself. However we would like to associate roles with privileges as well (as stated in the thread above, we can always change the names) to better map standard concepts of a Role, for example in SCIM. Should privileges be defined only as Strings or do we need a new type? Do we need a new REST service etc just for privileges? The concept of an application was also mentioned in the previous thread (a role has a privilege for a given application). How will applications be modeled in Syncope? Will they be optional (if for example we just want to treat privileges as plain Strings that are interpreted in a third party application in some way)? Colm. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
