[Date Prev][Date Next] [Chronological] [Thread] [Top]

HEADS UP: Access Control changes to be committed soon



A number of access control changes will be committed this week.

0) defaultaccess semantics changed.  When access controls are available,
regardless of their applicability, for the database (backend-specific or global),
the implied default access will always be none.  The default access can
only be used to establish a default access in lieu of access controls.
This change may change the behavior rules that relied on implicit,
non-"none" defaulting.

1) The ACL engine will support descrete access permissions as opposed
to access levels.  Existing access level keywords will be mapped appropriate
permissions to mimic old behavior.  ie:
  write level will implies write, read, search, compare and authenticate permission

  access to attr=userPassword
    by self =w       # grant just write permissions to self
    by anonymous =x  # grant just authentication permissions to anonymous
    by * none

2) The ACL engine support limited flow control directives (stop, continue,
break) and support additive and substractive permissions.  The rule above
could be written:

  access to attr=userPassword
    by self =w         # grant just write permissions to self
    by * none continue # grant none, but continue
    by anonymous +x    # grant just authentication permissions to anonymous

Note:
  stop (default) means to stop processing if what clause matches
  continue means to continue processing at next what clause
  break means to continue processing at next who clause.


These allows you greater flexibility in implementation your access
control policy (especially when combined with dynamic access control
information attributes).  However, it is not 100% backwards compatible
with previous ACLs.  Also, this is only round 2... there will likely
be additional changes made before 2.0-release.

-- 
Kurt D. Zeilenga <kurt@boolean.net>
Net Boolean Incorporated <http://www.boolean.net/>