- From: Wilde, Erik <Erik.Wilde@emc.com>
- Date: Mon, 15 Apr 2013 12:26:32 -0400
- To: Pierre-Antoine Champin <pierre-antoine.champin@liris.cnrs.fr>, "ashok.malhotra@oracle.com" <ashok.malhotra@oracle.com>
- CC: "public-ldp-wg@w3.org" <public-ldp-wg@w3.org>
hello pierre-antoine. On 2013-04-15 0:26 , "Pierre-Antoine Champin" <pierre-antoine.champin@liris.cnrs.fr> wrote: >On Sun, Apr 14, 2013 at 12:24 PM, Ashok Malhotra ><ashok.malhotra@oracle.com> wrote: >| Access Control will be provided by the storage mechanism and not the >LDP server itself. >This is a very strong statement, and I'm not sure I agree in the general >case. >All the web applications that I know define their owl ACL above the >underlying RDBMS. i agree, and i think that's pretty much unavoidable for anything RESTy. the granularity of access control for REST is based on the REST resource model a service is exposing. how that maps to the granularity/model of the underlying data store (RDBMS, RDF, or XML) is something that is (a) independent of the underlying data store, and (b) often maps in non-trivial ways to the model that is used on the data store level. cheers, dret.
Received on Monday, 15 April 2013 16:27:15 UTC