[Freeipa-devel] [RFE] Anonymous and All permissions
Martin Kosek
mkosek at redhat.com
Mon Nov 4 15:33:55 UTC 2013
On 11/04/2013 02:49 PM, Petr Viktorin wrote:
> Hello,
>
> During discussions about fine-grained read ACIs [0], it became clear that we
> need to grant permissions to "all authenticated" and "all, even anonymous" users.
>
> Here is a design document for the feature:
> http://www.freeipa.org/page/V3/Anonymous_and_All_permissions
>
>
> [0] http://www.redhat.com/archives/freeipa-devel/2013-October/msg00050.html
>
Looks good to me. Pretty much reflects what were talking about in person.
Kudos for also writing the Test Cases. I am just thinking we may also want to
do some "functional" tests and e.g. add an anonymous permission to read some
hidden attribute and then to try to read it with anonymous LDAP search.
Martin
More information about the Freeipa-devel
mailing list