[Zope3-dev] Re: role (contextual) services?

Tres Seaver tseaver at zope.com
Mon Apr 5 13:48:27 EDT 2004


Jim Fulton wrote:
> Philipp von Weitershausen wrote:
> 
> ...
> 
>> Out of the box, no. But I'm sure someone will someday provide a 
>> security policy + principal source that does give us groups. Maybe in 
>> addition to roles, maybe instead or maybe both. Any takers? *wink*
> 
> 
> There was a convincing argument made on this list a while back that
> it is better *not* to think of groups as principals.  I suggest that
> we adopt this point of view. (I just updated the glossary entry. :)
> Then groups would be an artifact only of a particular security policy,
> independent of authentication service implementations.

I remember the assertion, but I don't remember being convinced. 
Certainly groups don't authenticate;  if that is all that a "principal" 
means, then why did we abandon "user"?

For authorization purposes, groups *are* (compound) principals;  they 
can be bound (via whatever mechanism the policy supports) to 
permissions.  The composite pattern is particularly appropriate because 
groups may contain both users ("leaf" principals) and other groups 
("composite" principals).  A security policy which honors groups grants 
permissions to principals, perhaps directly, or perhaps via an 
indirection like roles.

Tres.
-- 
===============================================================
Tres Seaver                                tseaver at zope.com
Zope Corporation      "Zope Dealers"       http://www.zope.com
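The composite view of principals described in the message above, worked through as a small authorization policy. This is an added example, not code from Zope 3 or from anyone on the thread; the class and method names (`Policy`, `principals_of`, `permissions_of`, `check`) and the sample users, groups, roles and permission strings are all hypothetical. Users are leaf principals, groups may contain users or other groups, and permissions reach a user either by a direct grant to one of its enclosing principals or through a role bound to one of them. The membership walk keeps a visited set so that a cycle in group membership (which a real principal source may well contain) terminates instead of recursing forever.

```python
"""Composite principals: users are leaves, groups may hold users or groups.

Added example; not Zope 3 code. All names and sample data are constructed.
"""
from collections import defaultdict


class Policy:
    """A toy security policy that honours groups as compound principals."""

    def __init__(self):
        self.groups = defaultdict(set)      # group id -> member ids (users or groups)
        self.direct = defaultdict(set)      # principal id -> permissions granted directly
        self.roles = defaultdict(set)       # principal id -> role ids assigned to it
        self.role_perms = defaultdict(set)  # role id -> permissions carried by the role

    def add_member(self, group, member):
        self.groups[group].add(member)

    def grant(self, principal, permission):
        self.direct[principal].add(permission)

    def define_role(self, role, *permissions):
        self.role_perms[role].update(permissions)

    def assign_role(self, principal, role):
        self.roles[principal].add(role)

    def principals_of(self, user):
        """Every principal id `user` acts as: itself plus each group that
        contains it, transitively through nested groups.  The `seen` set
        makes the walk terminate even if group membership is cyclic."""
        parents = defaultdict(set)  # member id -> groups that contain it
        for group, members in self.groups.items():
            for member in members:
                parents[member].add(group)
        seen, stack = set(), [user]
        while stack:
            principal = stack.pop()
            if principal in seen:
                continue
            seen.add(principal)
            stack.extend(parents.get(principal, ()))
        return seen

    def permissions_of(self, user):
        """Union of direct grants and role-carried permissions over all the
        principals the user acts as (the roles are the 'indirection')."""
        perms = set()
        for principal in self.principals_of(user):
            perms |= self.direct.get(principal, set())
            for role in self.roles.get(principal, ()):
                perms |= self.role_perms.get(role, set())
        return perms

    def check(self, user, permission):
        return permission in self.permissions_of(user)


def build_sample_policy():
    """Constructed sample data: a nested group, a role, and a membership cycle."""
    p = Policy()
    p.define_role("Editor", "zope.ManageContent")
    p.grant("staff", "zope.View")            # direct grant to a group
    p.add_member("staff", "alice")           # alice is a leaf principal in staff
    p.add_member("staff", "editors")         # editors is a group nested in staff
    p.add_member("editors", "bob")
    p.assign_role("editors", "Editor")       # role bound to the nested group
    p.add_member("a", "carol")               # 'a' and 'b' contain each other
    p.add_member("a", "b")
    p.add_member("b", "a")
    p.grant("b", "zope.Debug")
    return p


if __name__ == "__main__":
    policy = build_sample_policy()
    for user in ("alice", "bob", "carol"):
        print(user, sorted(policy.principals_of(user)), sorted(policy.permissions_of(user)))
```

Bob ends up with both `zope.View` (inherited from `staff` through `editors`) and `zope.ManageContent` (from the `Editor` role on `editors`), while Alice only gets the direct grant; Carol's membership in the `a`/`b` cycle resolves cleanly because each group is expanded once.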
