grouper-users - Re: [grouper-users] Restricting access to Grouper
Subject: Grouper Users - Open Discussion List
List archive
- From: Baron Fujimoto <>
- To:
- Subject: Re: [grouper-users] Restricting access to Grouper
- Date: Tue, 21 Aug 2012 14:26:27 -1000
Thanks for the pointer to media.properties.
In grouper.properties, I have the following:
configuration.autocreate.group.name.1 = etc:uiUsers
configuration.autocreate.group.description.1 = users allowed to log in to the
UI
configuration.autocreate.group.subjects.1 = teststaf
and in grouper-ui/conf/resources/grouper/media.properties I've set
require.group.for.logins=etc:uiUsers
If I log in to Grouper as a user that is not in etc:uiUsers (or wheel type
group), I still seem to have access to the UI. Although I don't appear
to have any create, etc. type privileges, I can still perform searches and
browse from the "../grouper/doSearchSubjects.do" URL.
Aloha,
-baron
On Tue, Aug 21, 2012 at 04:10:08AM +0000, Chris Hyzer wrote:
: The grouper.properties can autocreate the UI / WS groups. You make the UI
be restricted to a group, you should be able to use the media.properties to
specify the group, and in the WS, its the grouper-ws.properties where you
specify it. Let me know how it goes.
:
: Thanks,
: Chris
:
: ________________________________________
: From:
[]
on behalf of Baron Fujimoto
[]
: Sent: Monday, August 20, 2012 11:12 PM
: To:
: Subject: [grouper-users] Restricting access to Grouper
:
: We'd like to be able to restrict access to the Grouper API (via the UI
: or WS) to a specified group of users. What is the recommended way to
: accomplish this using Grouper?
:
: grouper.example.properties includes some commented out entries that
: hint at a starting point to achieve this, but I wasn't able to find
: further examples or documentation on where to go from there; i.e. given
: this group, how to restrict the access?
:
: #configuration.autocreate.group.name.0 = etc:uiUsers
: #configuration.autocreate.group.description.0 = users allowed to log in to
the UI
: #configuration.autocreate.group.subjects.0 = johnsmith
:
--
Baron Fujimoto
<>
:: UH Information Technology Services
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum
- [grouper-users] Restricting access to Grouper, Baron Fujimoto, 08/20/2012
- RE: [grouper-users] Restricting access to Grouper, Chris Hyzer, 08/21/2012
- Re: [grouper-users] Restricting access to Grouper, Baron Fujimoto, 08/21/2012
- Re: [grouper-users] Restricting access to Grouper, Baron Fujimoto, 08/22/2012
- RE: [grouper-users] Restricting access to Grouper, Chris Hyzer, 08/23/2012
- Re: [grouper-users] Restricting access to Grouper, Baron Fujimoto, 08/22/2012
- Re: [grouper-users] Restricting access to Grouper, Baron Fujimoto, 08/21/2012
- RE: [grouper-users] Restricting access to Grouper, Chris Hyzer, 08/21/2012
Archive powered by MHonArc 2.6.16.