[Spread-users] request on clarification of AA policies

[Anton Zubenko]

Greetings to all spread community.

I'd like to get more information about authentication and autorization
engines, implemented in spread.
The whitepaper "Framework for Authentication and Access Control of Client-Server Group Communication Systems", 
available at documentation section of the website is a good start point. 
However I can't find any helpfull info on implementing the real
Access Control Policy, any kind of examples or so...

What is the supposed way for spread application developer to go
when he needs a custom AA policy?
Does current version of spread of spread allow just IP based authentication?
If so - what would be the way to expand the list of options?

The situation with access control is even less clear.
This part of sample.spread.conf doesn't explain the way to build a custtom policy,
however it gives an idea that this is fiseable...
-------------
#Set the current access control policy.
# This is only needed if you want to establish a customized policy.
# The default policy is to allow any actions by authenticated clients.
#AccessControlPolicy = "PERMIT"
-------------

I hope that someone can explain this to me!
Thanks for inputs in advance.

All the best, Anton.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.spread.org/pipermail/spread-users/attachments/20040108/3bdfee19/attachment.html