directory-fortress mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Pike <clp...@psu.edu>
Subject Re: All or Anonymous User Roles
Date Tue, 08 Dec 2015 15:26:18 GMT
Currently, our clients use the fortress API to lookup roles and permissions for the already
authenticated user. So being authenticated or anonymous is determined by the client and is
an input to the fortress API. 



----- Original Message -----
From: "Shawn McKinney" <smckinney@apache.org>
To: fortress@directory.apache.org
Sent: Tuesday, December 8, 2015 9:30:39 AM
Subject: Re: All or Anonymous User Roles

> 
> On Dec 8, 2015, at 7:41 AM, Chris Pike <clp207@psu.edu> wrote:
> 
> How would you handle giving roles/permissions to all authenticated or anonymous users
in fortress?

The tricky part here is building a search filter that captures these two conditions.  Before
I can help, will need to know a bit moreā€¦.

What is the criteria for a user to be considered authenticated.  For example, is a user considered
authenticated if having bound with the directory within the last 5 minutes?  

Similarly what is the criteria for being considered an anonymous user?  Which btw fortress
prevents anonymous binds by default.  

Once we can define the search criteria, it will be a simple matter to write a custom program
that assigns roles/permissions based on the results found.

Shawn

Mime
View raw message