| Re: [higgins-dev] IdAS Security Management questions |
|
On #1, you can call IContext.getSubjects(IFilter) with a filter that will return all "user" subjects. What's a user subject? That would be up to your application and the way it views the schema of the context it consumes. Some contexts have the notion of some kind of "person" subject type, and this is what you'd go searching for (if your application considers "person" to be a "user"). On #2 (Creating users): assuming you consider "http://www.eclipse.org/higgins/ontologies/2006/person-with-address#Person" types to be users: call myContext.addSubject("ypilipenko", "http://www.eclipse.org/higgins/ontologies/2006/person-with-address#Person"); On #2 (what permissions will new users have) and on #3: Because there is not yet any notion of access control in the Higgins Data Model, the permissions would be determined by the backing data store's access control model (if any). There are defects logged for the definition of an access control model. On the last part of #2 (How to manage user accounts), there are a lot of interfaces and methods used to get and create subjects (which can represent users -- see above), as well as to modify the attributes of those subjects, and delete them. If you give me a specific task example I can tell you what API's would be called.
Jim I have some questions concerning changing passwords http://wiki.eclipse.org/IdAS_Change_Password and thus managing users in contexts: 1. If I can change password of another identity how can I determine what the Identities exists in the context at all, i.e. can I enumerate all of the context identities that present users or user accounts? 2. How can I create such user accounts and what permissions will it have? How to manage such user accounts (get, create, modify, delete)? 3. How manage the identity (user account) permissions?
Regards, Yuriy Pilipenko. |