[OTDev] guest or anonymous user and the default member group
Micha Rautenberg mr at mrautenberg.deMon Jul 12 11:49:19 CEST 2010
- Previous message: [OTDev] Classified + Urgent
- Next message: [OTDev] Design.ppt
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Dear All, as discussed in the list before there are already default users for the authentication and authorization guest - with password guest and anonymous - with password anonymous as well there is a default "member" group for every user. So in LDAP terms a "guest" user is: uid=guest,ou=people,dc=opentox,dc=org and is member of the "member" group cn=member,ou=groups,dc=opentox,dc=org As an example for a policy-file see <!DOCTYPE Policies PUBLIC "-//Sun Java System Access Manager7.1 2006Q3 Admin CLI DTD//EN" "jar://com/sun/identity/policy/policyAdmin.dtd"> <Policies> <Policy name="policy_user" referralPolicy="false" active="true"> <Rule name="rule_user"> <ServiceName name="iPlanetAMWebAgentService" /> <ResourceName name="http://opentox.org/someuri/"/> <AttributeValuePair> <Attribute name="GET" /> <Value>allow</Value> </AttributeValuePair> <AttributeValuePair> <Attribute name="POST" /> <Value>allow</Value> </AttributeValuePair> <AttributeValuePair> <Attribute name="PUT" /> <Value>allow</Value> </AttributeValuePair> <AttributeValuePair> <Attribute name="DELETE" /> <Value>allow</Value> </AttributeValuePair> </Rule> <Subjects name="subjects_user" description=""> <Subject name="subject_user" type="LDAPUsers" includeType="inclusive"> <AttributeValuePair> <Attribute name="Values"/> <Value>uid=guest,ou=people,dc=opentox,dc=org</Value> </AttributeValuePair> </Subject> </Subjects> </Policy> <Policy name="policy_group" referralPolicy="false" active="true"> <Rule name="rule_group"> <ServiceName name="iPlanetAMWebAgentService" /> <ResourceName name="http://opentox.org/someuri/"/> <AttributeValuePair> <Attribute name="GET" /> <Value>allow</Value> </AttributeValuePair> </Rule> <Subjects name="subjects_group" description=""> <Subject name="subject_group" type="LDAPGroups" includeType="inclusive"> <AttributeValuePair> <Attribute name="Values"/> <Value>cn=member,ou=groups,dc=opentox,dc=org</Value> </AttributeValuePair> </Subject> </Subjects> </Policy> </Policies> best greets, Micha
- Previous message: [OTDev] Classified + Urgent
- Next message: [OTDev] Design.ppt
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Development mailing list