W3C home > Mailing lists > Public > public-annotation@w3.org > December 2016

Re: [web-annotation] Client can't determine if user has authorization to modify annotation

From: gsergiu via GitHub <sysbot+gh@w3.org>
Date: Wed, 14 Dec 2016 15:45:22 +0000
To: public-annotation@w3.org
Message-ID: <issue_comment.created-267068270-1481730319-sysbot+gh@w3.org>
@fhirsch 
> permission is given by whom?
Permissions are typically associated to roles, and roles are asigned 
either to user groups of to users directly. 

However the policies are typically more complicated ...
We can think of having and administrator of the system, a moderator, 
an owner (i.e. creator) of the annotation, even an software agent 
(i.e. generator) or a unidentified user (i.e. annonymous). All of 
these roles make sense in an (moderated) annotation system.

This .. is about authorization ... the authentication is easier.
However, for both I'll suggest consulting the oauth standard
https://oauth.net/2/
Br,
Sergiu




-- 
GitHub Notification of comment by gsergiu
Please view or discuss this issue at 
https://github.com/w3c/web-annotation/issues/19#issuecomment-267068270
 using your GitHub account
Received on Wednesday, 14 December 2016 15:45:30 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:51 UTC