CADC User Authorization Model

The CADC User Authorization Model is a model for representing CADC users and groups. The model is used primarily in the GMS and Users Web services.

User Class Features

In the system, a user is uniquely identified by one Principal (in CADC's case that is of type NumericPrincipal) but can have a number of other identities for different contexts:

• HttpPrincipal: Web user identity associated with Simple HHTP User Password access.
• X500Principal: X509 certificate identity.
• NumericPrincipal: An numeric identity associated with a user. Typically, used internally within a system.
• OpenIdPrincipal: An OpenID identity.

Group Class Features

Groups represet associations of users. Members of groups can be groups of users or simple users. groupWrite and groupRead represent the groups that have read and read-and-write permissions to the current group.