Question

My requirement is that the claims assigned to a user are company-aware. For example, User 1 is a publisher for Product Manager for Company 1, but the same user is only an editor for Company B. Can this be achieved through Geneva Server, or does additional code need to be written to override classes?

Solution

In my opinion it's the relying party itself that should be making decisions on what roles to attach to a token based upon the identity itself.

However you can set rules based on individual relying parties and choose to serve information as a claim based on whatever the backing store says. Now how you represent that information in whatever backing store you are using (AD, LDAP, SQL, whatever) is a design decision at your end. You may also want to look at harnessing the claims transformation language in beta 2.

It's really hard to give any specific advice without knowing details about where your claim backing store is going to be and why you think you need to go this route.
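The per-relying-party rule described in the answer, sketched as an added example that is not part of the original answer and does not use any Geneva Server or Geneva Framework API. The backing store contents, user names and relying-party URLs are constructed for illustration; the point is that the issuer scopes role claims to the company behind the requesting relying party and issues nothing when it cannot determine that scope.

```python
# Added example: plain Python, not Geneva Server / Geneva Framework code.
from typing import NamedTuple

# Standard role claim type URI used by Microsoft identity products.
ROLE_CLAIM = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"


class Claim(NamedTuple):
    type: str
    value: str


# Constructed backing store: (user, company, product) -> role.
# In practice this could live in AD, LDAP, SQL, etc.
ASSIGNMENTS = {
    ("user1", "Company 1", "Product Manager"): "publisher",
    ("user1", "Company B", "Product Manager"): "editor",
    ("user2", "Company B", "Product Manager"): "publisher",
}

# Constructed registry: relying-party identifier -> (company, product) it serves.
RELYING_PARTIES = {
    "https://pm.company1.example/": ("Company 1", "Product Manager"),
    "https://pm.companyb.example/": ("Company B", "Product Manager"),
}


def issue_claims(user: str, relying_party: str) -> list[Claim]:
    """Return only the role claims that apply to the requesting relying party."""
    scope = RELYING_PARTIES.get(relying_party)
    if scope is None:
        # Unknown relying party: refuse instead of falling back to all roles.
        raise PermissionError(f"unregistered relying party: {relying_party}")
    company, product = scope
    role = ASSIGNMENTS.get((user, company, product))
    # No assignment for this company means no role claim at all; a role held
    # at another company is never carried into this token.
    return [Claim(ROLE_CLAIM, role)] if role else []


if __name__ == "__main__":
    for rp in RELYING_PARTIES:
        print(rp, issue_claims("user1", rp))
```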

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow