E4/Security

From Eclipsepedia

< E4
Revision as of 11:24, 8 August 2008 by John arthorne.ca.ibm.com (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Sessions, Role-based Access and Security

  • From Architecture Council/Minutes May 15 2008#Sessions, Role-based Access and Security:
    • For role-based hiding of UI elements, Capabilities got better in 3.4
    • For role-based denial of services in non-UI, need some basic concepts ("user", "role", "session") - coarse grained, not necessarily using Java Security
    • Mapping Roles onto Sessions seems the right thing
    • We should consider 'user' as a first class entity in Eclipse. We know we'll need something akin for multi user/session management for web based Eclipse. A first class user notion would allow us to hang the roles off something, and might make it cleaner to extend capabilities. --KevinM