directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From smckin...@apache.org
Subject [directory-fortress-enmasse] branch master updated: + more perms to table
Date Sun, 17 Mar 2019 07:09:00 GMT
This is an automated email from the ASF dual-hosted git repository.

smckinney pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/directory-fortress-enmasse.git


The following commit(s) were added to refs/heads/master by this push:
     new c701960  + more perms to table
c701960 is described below

commit c7019603a25f2e840872c9c84bd4bcbeba52cc39
Author: Shawn McKinney <smckinney@apache.org>
AuthorDate: Sun Mar 17 02:08:55 2019 -0500

    + more perms to table
---
 README-SECURITY-MODEL.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README-SECURITY-MODEL.md b/README-SECURITY-MODEL.md
index 998d940..a91c2e9 100644
--- a/README-SECURITY-MODEL.md
+++ b/README-SECURITY-MODEL.md
@@ -24,7 +24,7 @@ ________________________________________________________________________________
  * 1. Java EE security
  * 2. Apache CXF's **SimpleAuthorizingInterceptor**
  * 3. Apache Fortress **ARBAC02 Checks**
- * The list of APIs that enforce ARBAC role range and OU checks.
+ * The list of APIs that enforce ARBAC role range, org unit and ADMIN perm checks.
 ___________________________________________________________________________________
 
 ## Document Overview
@@ -127,7 +127,7 @@ The ARBAC checks when enabled, include the following:
  There are two types of organziations, User and Permission.  For example, de/assignUser(User,
Role) will verify that the caller has an ADMIN role with a user org unit that matches the
ou of the target user.  
  There is a similar check on grant/revokePermission(Role, Permission), verifying the caller
has an activated ADMIN role with a perm org unit that matches the ou on the target permission.
 
-### The list of APIs that enforce ARBAC role range and OU checks.
+### The list of APIs that enforce ARBAC role range, org unit and ADMIN perm checks.
 
 |  #  | **Service**                    | Validate UserOU  | Validate PermOU | Role Range
Check | **ADMIN Permission**                                                             
                | 
 | --- | ------------------------------ | ---------------- | --------------- | ----------------
| -------------------------------------------------------------------------------------------------
|


Mime
View raw message