Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[alf-dev] Requirements for ALF Roles

The requirements committee will be having a meeting on Wednesday, 8/31/05 to
discuss the role of security roles in ALF. Does anyone have any use cases or
requirements they would like to discuss or propose?

I have one: the ALF administrator should be able to specify which roles are
required (allowed?) to run specific service flows. For example, if some
service flow deletes items from a requirements tool, the user executing the
service flow should have the role 'Requirements Manager.' However, if the
service flow only reads from the requirements tool, then perhaps the user
only needs the 'Requirements Stakeholder' role.

Behind this suggestion lies several questions: How do roles get defined,
persisted and enforced (used?) in ALF? Do ALF roles trump tool permissions?
How do the ALF security roles get reflected in the individual tools
participating in ALF?

We need to discuss all of these issues during Wednesday's meeting.

Regards,

shaw




Back to the top