Task #6502 (new)
Opened 13 years ago
Last modified 10 years ago
Complex new_user_group configurations — at Version 1
Reported by: | jamoore | Owned by: | jamoore |
---|---|---|---|
Priority: | critical | Milestone: | Unscheduled |
Component: | Security | Version: | n.a. |
Keywords: | n.a. | Cc: | lkolchin@…, cxallan, bpindelski, atarkowska |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | n.a. |
Sprint: | n.a. |
Description (last modified by jmoore)
If groups for a particular user in LDAP are not found still assign user to a default group. Something like:
omero.ldap.new_user_group=defaultgroupname&&:query:... omero.ldap.new_user_group=:query:...||defaultgroupname
This group will take precedence, i.e. will be assigned first and lookup for additional groups (LDAP groups) will continue (successfully or not) and not prevent the user from logging in.
Further, this should most likely include a way to specify the permissions per group that comes from LDAP (.e.g :query(perms=rwr---):...)
See: http://lists.openmicroscopy.org.uk/pipermail/ome-users/2011-August/002772.html
Change History (1)
comment:1 Changed 12 years ago by jmoore
- Description modified (diff)
- Priority changed from major to critical