Question

I have a few doubts about configuring RBAC in WSO2:

  1. Are hierarchical roles supported?
  2. Is it possible to associate different roles with a user depending on different authorization contexts? I.e., in DeptA a user can access a certain resource because they have a manager role, while in DeptB they cannot because they have a normal employee role.
  3. Can RBAC be implemented with XACML policies? Are any sample policies with hierarchical roles available?

Solution

  1. In WSO2-IS, it's the permission model that is hierarchical. Permissions can be assigned to a role in a fine-grained or a coarse-grained manner.

  2. I think this is not straightforward. If the resource is identified with the Dept, we will be able to control its permission there. If so, this can be handled with XACML policies as well.

  3. This sample policy may be of some help to you. http://pushpalankajaya.blogspot.com/2013/06/xacml-30-policies-multiple-rules-5.html

Licensed under: CC-BY-SA with attribution