-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Spec: comment aam spec file #61
Comments
Some comments:
I think those roles are concretely just set of policies in the aam. They are not directly visible to the users.
Subscriptions on data sources can be made on Orion: https://fiware-orion.readthedocs.io/en/master/user/walkthrough_apiv2/index.html#subscriptions But Orion doesn't seem to support specific authorizations mechanism: http://fiware-orion.readthedocs.io/en/0.25.0/user/security/index.html I don't think that the aam should keep track of every single entity created in Orion... However we could decide to create a "Fiware-Service" for each user registered. The aam could then grant access to this specific Fiware-Service.
What do you call identity here?
Deis has its own registration mechanism:
Waziup should probably provide authentication as a service to apps. It could be a front-end authentication page (login/password) for applications pushed... This page would be presented before the user can access an application.
As said I don't think the aam should be aware of all the entities/subscriptions...
|
too old, closing |
Initial Authentication and Authorization Manager (AAM) spec file is here:
https://github.com/Waziup/Platform/blob/master/identity/access_control_spec.md
The text was updated successfully, but these errors were encountered: