...
- Enforce policies at Datastream, Object and Collection level. (Rely on either RELS-EXT or Fedora's bundled RIsearch for evaluating collection memberships.) This is already supported in the Muradora authZ AuthZ work by supporting the precedence rule, where the policy at at the lower level takes precedence over that at higher levels.
Wiki Markup Support use of Fedora Objects' POLICY datastream. \[The Muradora preference is to store the Policy in a separate Policy store (XML database) for efficiency and simpler implementation.\]
- Support for the new REST API.
General
- Keep the implementation stable & current
- Bundle solution with Fedora and include it in the installer
- Audit the Implementation for potential security flaws
- Support community innovation & allow people to completely replace the whole thing if they wish
- Ensure that there are points that allow for future development
...
- Support Shibboleth
- Support OpenID & OpenAuth
- Support Single Sign-on (SSO) - must be pluggable/overridable
- Allow for Custom AuthNUser Interface and REST API for editing policies on Objects, Datastreams, and Collections
- Simple, intuitive, well documented vocabulary for controlling Read, Create, Edit, Delete, and "Change Permissions" for Collections, Objects, and Datastreams
- User interface & REST API for editing policies on Collections, Objects, and Datastreams
- Allow repository managers to find out what policies apply to a given Object, Datastream, or Collection
Work Packages
In order to satisfy the Requirements for an initial release, the following work must be done.
...