You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In ground systems, certain role has always a list of privileges associated with it. Having this information provided by Login service would allow consumer to know ahead what operations can be executed, and what operations would return AUTHORISATION_FAIL.
Below I described a proposed extension of the service.
Extend Common::Login::LoginRole ObjectBodyType from
Add new abstract type Common::Login::Privilege and define at least 1 standard privilege filter type Common::Login::OperationPrivilege with body:
MAL::UShort area
MAL::UShort service
MAL::UOctet version
MAL::UShort operation
Each part of the OperationPrivilege filter should allow a wildcard value (i.e. UShort.MaxValue or UOctet.MaxValue)
Privilege could also be defined as a separate COM Object, referenced from Role by an Object Id. It would reduce communication overhead when more complex Privilege composites are used.
The text was updated successfully, but these errors were encountered:
In ground systems, certain role has always a list of privileges associated with it. Having this information provided by Login service would allow consumer to know ahead what operations can be executed, and what operations would return AUTHORISATION_FAIL.
Below I described a proposed extension of the service.
Extend Common::Login::LoginRole ObjectBodyType from
to
Add new abstract type Common::Login::Privilege and define at least 1 standard privilege filter type
Common::Login::OperationPrivilege with body:
Each part of the OperationPrivilege filter should allow a wildcard value (i.e. UShort.MaxValue or UOctet.MaxValue)
Privilege could also be defined as a separate COM Object, referenced from Role by an Object Id. It would reduce communication overhead when more complex Privilege composites are used.
The text was updated successfully, but these errors were encountered: