Pluggable access control for administrative functions

Description

Would like to be able to support reloadable policies for things like IP access rules to access the status handler and similar functions.

Environment

None

Activity

Scott Cantor 
July 19, 2014 at 5:35 AM

Built a simple API for access control and facades for the reloadable ServiceableComponent layer to expose it to flow actions.

Reworked status flow to demonstrate approach, and moved the IP range rules out of idp.properties and into a policy file. Property now refers to a named policy rule, so we can reuse policies across flows or deployers can create separate rules.

This is extensible to other plugins, but if we want real authentication support, the best way to do that is to build a subflow and run that inside the various admin flows. The subflow could be built to run the simple CheckAccess action or could run the full login subflow, which also supports IP controls.
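The design described in the comment above (IP range rules held as named policies that a property selects, and that can be reloaded) can be sketched as follows; this is an added example, not the project's code. The class, the method names and the policy name `StatusAccess` are hypothetical, the CIDR rules are constructed, and addresses are assumed to be IP literals, since a hostname would trigger a DNS lookup.

```java
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.*;
import java.util.concurrent.atomic.AtomicReference;
// Added illustration (Java 16+). Every class, method and policy name is hypothetical.
public class NamedAccessPolicies {
    record Cidr(byte[] net, int bits) {
        static Cidr parse(String s) throws UnknownHostException {
            String[] p = s.split("/");
            if (p.length != 2 || p[0].isEmpty()) throw new IllegalArgumentException("not CIDR: " + s);
            byte[] net = InetAddress.getByName(p[0]).getAddress(); // assumes an IP literal
            int bits = Integer.parseInt(p[1]);
            if (bits < 0 || bits > net.length * 8) throw new IllegalArgumentException("bad prefix: " + s);
            return new Cidr(net, bits);
        }
        boolean contains(byte[] addr) {
            if (addr.length != net.length) return false; // IPv4 never matches an IPv6 rule
            for (int i = 0; i < bits; i++)
                if (((addr[i / 8] ^ net[i / 8]) & (0x80 >> (i % 8))) != 0) return false;
            return true;
        }
    }
    // Swapped atomically on reload: a request sees the old rule set or the new one.
    private final AtomicReference<Map<String, List<Cidr>>> live = new AtomicReference<>(Map.of());
    // Parse everything first; a bad rule throws and the previous policies stay in force.
    void reload(Map<String, List<String>> source) throws UnknownHostException {
        Map<String, List<Cidr>> parsed = new HashMap<>();
        for (var e : source.entrySet()) {
            List<Cidr> ranges = new ArrayList<>();
            for (String c : e.getValue()) ranges.add(Cidr.parse(c));
            parsed.put(e.getKey(), ranges);
        }
        live.set(parsed);
    }
    // Deny by default. getByName(null) and getByName("") return loopback, so reject both.
    boolean checkAccess(String policyName, String clientAddr) {
        if (policyName == null || clientAddr == null || clientAddr.isEmpty()) return false;
        List<Cidr> ranges = live.get().getOrDefault(policyName, List.of());
        try {
            byte[] addr = InetAddress.getByName(clientAddr).getAddress();
            return ranges.stream().anyMatch(r -> r.contains(addr));
        } catch (UnknownHostException ex) { return false; }
    }

    public static void main(String[] args) throws Exception {
        var acl = new NamedAccessPolicies();
        acl.reload(Map.of("StatusAccess", List.of("127.0.0.0/8", "2001:db8::/32"))); // constructed
        for (String a : List.of("127.0.0.1", "192.0.2.10")) // one inside, one outside the ranges
            System.out.println(a + " -> " + acl.checkAccess("StatusAccess", a));
        System.out.println("unknown policy -> " + acl.checkAccess("NoSuchPolicy", "127.0.0.1"));
    }
}
```

Because a flow would hold only the policy name, two flows can share one rule set, and a misspelled name in a property fails closed instead of opening the endpoint.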

Fixed

Created July 19, 2014 at 5:31 AM
Updated July 19, 2014 at 5:35 AM
Resolved July 19, 2014 at 5:35 AM