Task #6502 (new)
Opened 13 years ago
Last modified 10 years ago
Complex new_user_group configurations — at Version 4
Reported by: | jamoore | Owned by: | jamoore |
---|---|---|---|
Priority: | critical | Milestone: | OMERO-Beta4.4.1 |
Component: | Security | Version: | n.a. |
Keywords: | n.a. | Cc: | lkolchin@…, cxallan, bpindelski, atarkowska |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | n.a. |
Sprint: | n.a. |
Description (last modified by jmoore)
If groups for a particular user in LDAP are not found still assign user to a default group. Something like:
omero.ldap.new_user_group=defaultgroupname&&:query:... omero.ldap.new_user_group=:query:...||defaultgroupname
This group will take precedence, i.e. will be assigned first and lookup for additional groups (LDAP groups) will continue (successfully or not) and not prevent the user from logging in.
Further, this should most likely include a way to specify the permissions per group that comes from LDAP (.e.g :query(perms=rwr---):...)
Other ideas from Chris:
- Allow adding arbitrary data in the specification similar
- Allow setting a user's default group
Even more ideas:
- Take group owner from LDAP
See: http://lists.openmicroscopy.org.uk/pipermail/ome-users/2011-August/002772.html
Change History (4)
comment:1 Changed 12 years ago by jmoore
- Description modified (diff)
- Priority changed from major to critical
comment:2 Changed 12 years ago by jmoore
- Cc cxallan added
- Description modified (diff)
- Milestone changed from Unscheduled to OMERO-Beta4.4
comment:3 Changed 12 years ago by jmoore
- Milestone changed from OMERO-Beta4.4 to OMERO-Beta4.4.1
comment:4 Changed 12 years ago by jmoore
- Description modified (diff)
Advanced LDAP features will have to wait until after 4.4.0.