WSO2 Identity Server - Role management

StackOverflow https://stackoverflow.com/questions/19657393

سؤال

I have few doubts on configuring RBAC in WSO2:

  1. are supported hierarchical roles?
  2. is it possible to associate different roles to a user depending to a different authorization contexts? I.e. in DeptA a user can access a certain resource since having a manager role, while in DeptB cannot since having normal employee role.
  3. RBAC can be implemented with XACML policies? Any sample policies available with hierarchical roles?
هل كانت مفيدة؟

المحلول

  1. In WSO2-IS, it's the permission model that is hierarchical. Permissions can be assigned to a role in a fine-grained or a coarse-grained manner.

  2. I think this is not straightforward.If the resource is identified with the Dept, we will be able to control it's permission there. If so this can be handled with XACML policies as well.

  3. This sample policy may be of some help to you. http://pushpalankajaya.blogspot.com/2013/06/xacml-30-policies-multiple-rules-5.html

مرخصة بموجب: CC-BY-SA مع الإسناد
لا تنتمي إلى StackOverflow
scroll top