GT 3.9.4 Development Release Notes for WS A&A Authorization Framework
- Component Overview
- Feature Summary
- Changes Summary
- Bug Fixes
- Known Problems
- Technology Dependencies
- Tested Platforms
- Backward Compatibility Summary
- For More Information
Component Overview
The WS Authentication and Authorization component allows for a variety of
authorization schemes, including the use of the grid-mapfile, an
access control list defined by a service, a custom authorization
handler and the use of an authorization service via the SAML protocol.
Feature Summary
Features new in release 3.9.4
- SAML callout enables outsourcing of authorization decisions to an authorization service (e.g. PERMIS)
Other Supported Features
- Authorization based on
grid-mapfileand other access control lists- Ability to implement custom authorization modules
Deprecated Features
- None
Changes Summary
Authorization when no authentication is required
We no longer invoke any authorization modules when a method is invoked and the service or resource does not impose any authentication requirements on said method.
Internationalization
The authorization framework code has been internationalized.
Bug Fixes
- Bug 2367: No relative path for grid-mapfile in Security Descriptor.
Known Problems
None
Technology Dependencies
The WS Authentication and Authorization component depends on the following GT components:
- WS Authentication and Authorization Message-Level Security
The WS Authentication and Authorization components depends on the following 3rd party software:
- OpenSAML
Tested Platforms
Backward Compatibility Summary
Protocol changes in the Authorization Framework since GT version 3.2
- Addition of the SAML authorization callout
API changes since GT version 3.2
- None
Exception changes since GT version 3.2
- None
Schema changes since GT version 3.2
- None
For More Information
Click here for more information about this component.