[Freeipa-devel] URI in HBAC - design page
Rob Crittenden
rcritten at redhat.com
Wed Mar 23 15:54:55 UTC 2016
Lukáš Hellebrandt wrote:
> I created a design page for the feature:
>
> http://www.freeipa.org/page/URI-based-HBAC-design
>
>
Can you make the ticket reference a link?
Is it expected that a full URI will be used, including protocol? Your
early examples are http://path/to/somewhere and later you just use
/path/to/somewhere. Will protocol be allowed? I ask because it can be
problematic because users would have to consider and remember http vs
https, for example.
What happens if ftp, for example, added HBAC support and wanted to
utilize this but wanted different access control by protocol?
I think case sensitivity might be pretty important too, though might be
best left as an exercise for the user.
I'm not sure what you mean by the CLI section. It seems like you are
just adding in a uri option so I'd be explicit. Showing possible usage
would be handy too.
What kind of regex validation can be done, if any?
rob
More information about the Freeipa-devel
mailing list