Maki should offer an extensible system for authenticating individual operations (client certificates as a reasonable first option), and then authorizing those operations (a capability-based scheme as the first option). Restrictions should be made per resource, per method, and individually per logic within a resource and its methods.
Authentication should take place as the first item in the Resource pipeline, while Authorization should take place as the last item in the pre pipeline.
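An added sketch of the ordering proposed above, not Maki's own code or API: authentication runs first, the resource's pre hooks follow, and the capability check runs as the last pre step. All names (`buildPipeline`, `authenticate`, `authorize`, the `ctx` fields) and the fingerprint table are hypothetical, and the fingerprint is assumed to come from a client certificate the TLS layer has already verified.

```javascript
// Hypothetical sketch; none of these names are Maki's actual API.
// Constructed data: verified client-certificate fingerprints and their capabilities.
const IDENTITIES = new Map([
  ['AA:11', { name: 'alice', capabilities: ['Invoice:query', 'Invoice:create'] }],
  ['BB:22', { name: 'bob', capabilities: ['Invoice:query'] }],
]);

// Authentication: establish who is calling; nothing else runs for unknown callers.
function authenticate(ctx) {
  const identity = IDENTITIES.get(ctx.clientCertFingerprint);
  if (!identity) throw Object.assign(new Error('unauthenticated'), { status: 401 });
  ctx.identity = identity;
}

// Authorization: require a capability naming this resource and this method.
function authorize(ctx) {
  const needed = `${ctx.resource}:${ctx.method}`;
  if (!ctx.identity.capabilities.includes(needed)) {
    throw Object.assign(new Error(`missing capability ${needed}`), { status: 403 });
  }
}

// One pipeline per resource: authenticate, the resource's own pre hooks,
// authorize as the last pre step, and only then the method handler.
function buildPipeline(resource, preHooks, handlers) {
  return function run(method, request) {
    // resource and method are set after the spread so request data cannot override them.
    const ctx = { ...request, resource, method, trace: [] };
    try {
      for (const step of [authenticate, ...preHooks, authorize]) {
        ctx.trace.push(step.name);
        step(ctx);
      }
      return { status: 200, body: handlers[method](ctx), trace: ctx.trace };
    } catch (err) {
      return { status: err.status || 500, error: err.message, trace: ctx.trace };
    }
  };
}

// Constructed example resource with one pre hook and two methods.
function normalizeInput(ctx) { ctx.input = ctx.input || {}; }
const invoices = buildPipeline('Invoice', [normalizeInput], {
  query: () => ['inv-1'],
  create: (ctx) => ({ created: ctx.input }),
});
```

The `trace` array in each result records which steps ran, so a rejected request shows whether it stopped at authentication or at the final capability check.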