Feature #20
Improve attribute release security
| Status: | New | Start: | 04/29/2009 | |
| Priority: | Low | Due date: | ||
| Assigned to: | - | % Done: | 0% |
|
| Category: | - | Spent time: | - | |
| Target version: | - | |||
Description
The current Attribute authority implementation should be overhauled to switch from an "all attributes" mode on AA requests to an "approved attributes" mode on a request.
Approved attributes should be determined based upon the active metadata for the calling SPEP along with any additional restrictions placed in the Attribute request sent by the SPEP. (No attributes in the request means that all attributes allowed for that SPEP should be returned).
NB: If an SPEP requests attributes that are not approved in metadata then they MUST NOT be sent. SP with no attributes in MD gets no attributes for any request.
History
Updated by Shaun Mangelsdorf 476 days ago
- Priority changed from Normal to Low
Updated by Shaun Mangelsdorf 476 days ago
- Tracker changed from Bug to Feature