...
- Time: 11:00am Eastern Daylight Time US (UTC-4)
- Google Hangouts: https://plus.google.com/hangouts/_/event/ccnv0ba94h3fb2je3gscunqc49g
- IRC:
- Join the #duraspace-ff chat room via Freenode Web IRC (enter a unique nick)
- Or point your IRC client to #duraspace-ff on irc.freenode.net
Attendees
- Andrew Woods
- Greg Jansen
- Osman Din
- Yuqing Jiang
- Benjamin Armintor
- A. Soroka
- Chris Beer
- Ed Fugikawa
- Jon Gibson
- Michael Durbin
Agenda
- Fedora 3.7 Status
- Reminder: CLAs
- Fedora 4 Updates
- AuthN/Z
- Policy-driven storage
- OAI-PMH initiative
- Fedora 4 General
- Async Storage API... strawpeople?
- Modeling deletes
Notes
Minutes
3.7 Release Status
- Ben is wrapping up issues
- Working on library upgrades
- Working on connection management
- Trying to fix connection mgmt and modernizing IT a bit
- Branch - uniform http
- Release candidate - timing dependent on current clean-up
CLAs
- Turn them in, contributors!
AuthN/AuthZ Work
- Design: https://wiki.duraspace.org/display/FF/Authentication+and+Authorization
- Questions
- Policies concerned with API (actions) or object structure (nodes mgmt)
- More at the link
- Going forward with JBoss’s OSS XACML implementation
- Possible dependency on MODE-1920 if authZ pushed into the JCR level
- Possible to use MODE’s Changeset API as the evaluation point?
- Figuring out relationship of OAuth tokens, roles, etc. to the PDP/enforcement framework
- Tokens are related to a few things:
- User
- Scopes - tend to be broader than resources
- Client working on behalf of the user
- Tokens are related to a few things:
- Could we get a Hydra institution to sponsor an alternative “PDP” impl around RightsMetadata?
- Contact Hydra steering team
- Greg Jansen is pretty familiar with XACML syntax
- How insulated is xacml from fedora4?
- Create policies around object model - helps keep xacml separate
- Would be good if demo on oxford would use an external oauth provider (google...)
Policy Driven Storage
- Design/implementation in-progress for updating policy configuration via HTTP
- Would like to be able to make storage decision based on any type of property
Asynchronous Storage
- References
- Regarding async HTTP-API
- "For any and all PUT/POST/DELETE operations, we return “202 In progress” and a new “Status” resource, which contains a 0-to-100 progress indicator, a target_uri for whatever’s being operated on, an op to identify the operation, and, when progress reaches 100, status and message fields to tell how the operation came out.
- The idea is that this is designed to give a hook that implementors can make cheap to poll.
- However, since most of the clients with which we are concerned will be machines and not browsers, we could use webhooks for the purpose.
- JAX-RS-2.0 has the async notion built into its Client spec
- Jersey reference implementation: https://jersey.java.net/documentation/latest/async.html
...