...
A general design principle of the FSL approach is that an objects object can only belong to one collection for authoriztion purposes, but multiple collections for presentation purposes.
Authentication (AuthN)
- Support surrogate authentication and document how to do it
- Support LDAP and Tomcat-Users
- Implement authentication in a modular way so that participating organizations can write their own adapters (ie. Drupal integration)
- Use servlet filters to enforce access controls on all inbound requests
...