Have we considered permission based access control rather having role based?.. Almost all our carbon access control done using permissions rather roles.
On Tue, Sep 16, 2014 at 9:53 AM, Tharindu Edirisinghe <tharin...@wso2.com> wrote: > Thanks Suresh & Prasad... > > I think Option 2 and 3 suggested by Suresh together would solve the > issue... but before that I have to check from where this role name is > referred. If the user can change the role name, that name should be > retrieved from all the places the where the role is used if for the role > name, SP's name is referred. > > On Mon, Sep 15, 2014 at 11:02 PM, Suresh Attanayaka <sur...@wso2.com> > wrote: > >> However in the role of the application, those have edit permission to the >> application. That is why we have to be careful here. First question is, how >> we can get a role with the same name here. Three options here. >> >> 1. If role exist, don't try to create a new, use the existing - Issue : >> Users who were in that role inherently gets edit permissions to the >> application which might not be the expected behavior. >> >> 2. If role exist, fail application creating. Log a proper Error message >> in the log file. >> >> 3. Allow the role name to be specified in the SP Config. So this will be >> configurable to user an existing role or create a new role if it doesn't >> exist. >> >> Thanks, >> -Suresh >> >> On Mon, Sep 15, 2014 at 9:31 AM, Tharindu Edirisinghe <tharin...@wso2.com >> > wrote: >> >>> Hi, >>> >>> I'm working on issue [1 <https://wso2.org/jira/browse/IDENTITY-2717>] >>> and noticed following. >>> >>> When registering a Service Provider, it creates an internal role with >>> the same name given for SP. If we already have an internal role with the >>> name given for the new SP, we cannot register the SP as the role creation >>> for SP fails. >>> >>> [1] https://wso2.org/jira/browse/IDENTITY-2717 >>> >>> -- >>> >>> Thanks & Best Regards, >>> >>> Tharindu Edirisinghe >>> Software Engineer >>> >>> *WSO2 Inc* >>> *email : tharin...@wso2.com <tharin...@wso2.com> * >>> *mobile : +94 775 181586* >>> *www: :http://wso2.com <http://wso2.com/> *lean . enterprise . >>> middleware >>> >>> >>> >>> _______________________________________________ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> Suresh Attanayake >> Senior Software Engineer; WSO2 Inc. http://wso2.com/ >> Blog : http://sureshatt.blogspot.com/ >> Twitter : https://twitter.com/sureshatt >> LinkedIn : http://lk.linkedin.com/in/sureshatt >> Mobile : +94755012060 >> > > > > -- > > Thanks & Best Regards, > > Tharindu Edirisinghe > Software Engineer > > *WSO2 Inc* > *email : tharin...@wso2.com <tharin...@wso2.com> * > *mobile : +94 775 181586* > *www: :http://wso2.com <http://wso2.com/> *lean . enterprise . middleware > > > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Regards, *Darshana Gunawardana*Software Engineer WSO2 Inc.; http://wso2.com *E-mail: darsh...@wso2.com <darsh...@wso2.com>* *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
