Skip to Content.
Sympa Menu

grouper-users - RE: [grouper-users] Local entity for WS service account

Subject: Grouper Users - Open Discussion List

List archive

RE: [grouper-users] Local entity for WS service account

Chronological Thread 
  • From: Chris Hyzer <>
  • To: Mike Roszkowski <>, "" <>
  • Subject: RE: [grouper-users] Local entity for WS service account
  • Date: Tue, 16 Oct 2012 15:32:14 +0000
  • Accept-language: en-US

Local entities can have an attribute which is the subject identifier.

This is autocreated for you, depending on your config, might be here:


Assign this to the local entity (e.g. with UI), and give the string value
which is the identifier (with no colons in it).

Then try to authenticate with that value and see if it works.

Let me know

-----Original Message-----

On Behalf Of Mike Roszkowski
Sent: Tuesday, October 16, 2012 11:14 AM

Subject: [grouper-users] Local entity for WS service account

I'd like to create a "service account" in grouper for an application.
The app will use web services to access grouper, so needs to be
able to authenticate via basic auth to the grouper web services.

My first attempt was to use gsh's addSubject("mst-test","application","MST
test account")
and set the loginid, name, and description subject attributes,
but that doesn't seem to create a subject, as findSubject("mst-test") returns
// Error: subject not found: mst-test

So, I thought I'd try a local entity. I created one using the Lite UI called:

findSubject("control:applications:mst-test") works, but now I'm faced with
trying to authenticate control:applications:mst-test via tomcat basic
auth and the colon is an illegal character in basic auth usernames per

Is there a way I can use a local entity to authenticate via basic auth
to grouper-ws? Or is there another approach I should be using to create
a "service account?"

Thanks for any help you can offer.
--Mike Roszkowski
University of Wisconsin-Madison

Archive powered by MHonArc 2.6.16.

Top of Page