grouper-users - Re: [grouper-users] Restricting access to Grouper
Subject: Grouper Users - Open Discussion List
List archive
- From: Baron Fujimoto <>
- To:
- Subject: Re: [grouper-users] Restricting access to Grouper
- Date: Wed, 22 Aug 2012 11:16:54 -1000
Since I'm still confused, perhaps I should have asked, is this the expected
behavior? I expected some sort of more explicit "You don't have permission
to use Grouper" type error message or page.
Aloha,
-baron
On Tue, Aug 21, 2012 at 02:26:27PM -1000, Baron Fujimoto wrote:
: Thanks for the pointer to media.properties.
:
: In grouper.properties, I have the following:
:
: configuration.autocreate.group.name.1 = etc:uiUsers
: configuration.autocreate.group.description.1 = users allowed to log in to
the UI
: configuration.autocreate.group.subjects.1 = teststaf
:
: and in grouper-ui/conf/resources/grouper/media.properties I've set
:
: require.group.for.logins=etc:uiUsers
:
: If I log in to Grouper as a user that is not in etc:uiUsers (or wheel type
: group), I still seem to have access to the UI. Although I don't appear
: to have any create, etc. type privileges, I can still perform searches and
: browse from the "../grouper/doSearchSubjects.do" URL.
:
:
: On Tue, Aug 21, 2012 at 04:10:08AM +0000, Chris Hyzer wrote:
: : The grouper.properties can autocreate the UI / WS groups. You make the
UI be restricted to a group, you should be able to use the media.properties
to specify the group, and in the WS, its the grouper-ws.properties where you
specify it. Let me know how it goes.
: :
: : Thanks,
: : Chris
: :
: : ________________________________________
: : From:
[]
on behalf of Baron Fujimoto
[]
: : Sent: Monday, August 20, 2012 11:12 PM
: : To:
: : Subject: [grouper-users] Restricting access to Grouper
: :
: : We'd like to be able to restrict access to the Grouper API (via the UI
: : or WS) to a specified group of users. What is the recommended way to
: : accomplish this using Grouper?
: :
: : grouper.example.properties includes some commented out entries that
: : hint at a starting point to achieve this, but I wasn't able to find
: : further examples or documentation on where to go from there; i.e. given
: : this group, how to restrict the access?
: :
: : #configuration.autocreate.group.name.0 = etc:uiUsers
: : #configuration.autocreate.group.description.0 = users allowed to log in
to the UI
: : #configuration.autocreate.group.subjects.0 = johnsmith
: :
:
: --
: Baron Fujimoto
<>
:: UH Information Technology Services
: minutas cantorum, minutas balorum, minutas carboratum desendus pantorum
--
Baron Fujimoto
<>
:: UH Information Technology Services
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum
- [grouper-users] Restricting access to Grouper, Baron Fujimoto, 08/20/2012
- RE: [grouper-users] Restricting access to Grouper, Chris Hyzer, 08/21/2012
- Re: [grouper-users] Restricting access to Grouper, Baron Fujimoto, 08/21/2012
- Re: [grouper-users] Restricting access to Grouper, Baron Fujimoto, 08/22/2012
- RE: [grouper-users] Restricting access to Grouper, Chris Hyzer, 08/23/2012
- Re: [grouper-users] Restricting access to Grouper, Baron Fujimoto, 08/22/2012
- Re: [grouper-users] Restricting access to Grouper, Baron Fujimoto, 08/21/2012
- RE: [grouper-users] Restricting access to Grouper, Chris Hyzer, 08/21/2012
Archive powered by MHonArc 2.6.16.