Changes between Version 37 and Version 38 of GAPI_AM_API_DRAFT
- Timestamp:
- 03/06/12 10:20:07 (13 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
GAPI_AM_API_DRAFT
v37 v38 664 664 665 665 = Change Set L: Change SFA credentials' privileges = 666 Our goal is to simplify and standardize privilege strings . Currently there are wildcards, bind, embed, and others. They are confusing. We also want extensibility to use these credentials elsewhere in future.666 Our goal is to simplify and standardize privilege strings used in SFA credentials. Currently there are wildcards, bind, embed, and others. They are confusing. We also want extensibility to use these credentials elsewhere in future. 667 667 668 668 Credentials should support these kinds of operations: … … 688 688 689 689 Privilege and credential semantics are defined as follows: 690 - Aggregates may only grant access to a method if at least one valid credential691 - grants the required privilege (if any)690 - Aggregates may only grant access using current SFA credentials to a method if at least one such valid credential: 691 - grants the required privilege or privileges (if any) 692 692 - to the caller of the API method 693 693 - (identified by their SSL client certificate and the {{{owner_gid}}} in the credential) 694 694 - over the slice (if any) on which they are operating 695 695 - ({{{target_gid}}} in the credential). 696 - Other privileges may be present in the same or other credentials .696 - Other privileges may be present in the same or other credentials, and other non-SFA credentials may be used to authorize actions (per [#ChangeSetG:Credentialsaregeneralauthorizationtokens. Change Set G]. 697 697 - Local aggregate policy may deny access to a particular method even in the presence of a valid credential granting the required privilege. 698 698 - Some operations (e.g. !GetVersion) may either simply require a valid credential with no particular privilege, or have no {{{credentials}}} argument at all. 699 699 700 Note also that some current AMs do not require any particular privileges to do !ListResources, even with a {{{slice_urn}}}. This change explicitly requires that aggregates require a valid slice credential with {{{CanRead}}} privileges to perform this operation.700 Note also that some current AMs do not require any particular privileges to do !ListResources, even with a {{{slice_urn}}}. This change explicitly requires that aggregates require a valid slice credential with {{{CanRead}}} privileges to authorize this operation using current slice credentials. 701 701 702 702 -----