grouper-dev - ldappc provisioning permission infomation about groups
Subject: Grouper Developers Forum
List archive
- From: "Allen Chen" <>
- To: "grouper-dev" <>
- Subject: ldappc provisioning permission infomation about groups
- Date: Fri, 28 Dec 2007 09:23:15 +0800
I have a
question, if I authorize a group some privileges, how can I provision the
permission infomation about the group to ldap?
The following configuration is copied from
comanage recommended config:
<signet>
<permissions-listing stored-as="string"
string-object-class="eduPerson"
string-attribute="eduPersonEntitlement"
string-prefix="urn:mace:internet2-nlr.edu:permission" />
<permissions-queries>
<subsystem-queries>
<subsystem-list>
<subsystem id="i2nlr" />
</subsystem-list>
</subsystem-queries>
<!--
<function-queries>
<function-list>
<function id="" />
</function-list>
</function-queries>
-->
</permissions-queries>
</signet>
<permissions-listing stored-as="string"
string-object-class="eduPerson"
string-attribute="eduPersonEntitlement"
string-prefix="urn:mace:internet2-nlr.edu:permission" />
<permissions-queries>
<subsystem-queries>
<subsystem-list>
<subsystem id="i2nlr" />
</subsystem-list>
</subsystem-queries>
<!--
<function-queries>
<function-list>
<function id="" />
</function-list>
</function-queries>
-->
</permissions-queries>
</signet>
But if I want to deal with the permission of a
group, what's the correct configuration?
I know the group in signet is also treated as a
subject. Should those attributes in ldappc.xml be changed? Such
as string-object-class, string-attribute?
And since I haven't succeed in provisioning groups permission into
LDAP, I want to know how permission of a group present in
LDAP? Is the permission of group in the attrbutes of the group
entry?
Allen
Chen
2007-12-28
- ldappc provisioning permission infomation about groups, Allen Chen, 12/27/2007
- Re: [grouper-dev] ldappc provisioning permission infomation about groups, Tom Barton, 12/29/2007
Archive powered by MHonArc 2.6.16.