← Back to team overview

launchpad-dev team mailing list archive

Re: using PermissiveSecurityPolicy when serving private xmlrpc requests

 

On Monday 01 March 2010 12:29:41 Jonathan Lange wrote:
> > It would look pretty much how I described it. We would keep our existing
> > web app security policy, and would have to define one or more "system"
> > users, as which the internal systems would authenticate. It's a bit
> > trickier here, since our web service API users don't have the same
> > freedom as our internal API users. For example, scripts can do things on
> > behalf of other users. When the link a branch, they can say which person
> > should be registered as linking the branch. I think we would have to
> > rework how the API works, in order for our internal systems to use it,
> > but maybe not.
> 
> Yeah, I have no idea on the best way to do the "on behalf of" thing.

We need something like sudo.




References