You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@syncope.apache.org by Manfredo Hopp <mh...@gmail.com> on 2015/03/18 21:23:09 UTC
Memberships
Hi, from doc.
"The primary purpose of identity management systems is to manage data
belonging to *users*; it is common practice in such systems to define as
well entities called *roles* that helps in defining and enforcing security
policies. In addition to this, Syncope explicitly represents the fact that
users can be assigned to roles by mean of *memberships*."
How is the latter achieved, or how is it possible to assign users to
Memberships.
I tried to create a Membership setting user and role but doesnt seem to
work..
Regards
Re: Memberships
Posted by Manfredo Hopp <mh...@gmail.com>.
Marco from core.log I can see that no records are updated with memberships
as seen below:
core.log
14:21:58.377 DEBUG
org.apache.syncope.core.sync.impl.AbstractSyncopeResultHandler - Process
CREATE_OR_UPDATE for 98 as ObjectClass: __ACCOUNT__
14:21:58.464 DEBUG
org.apache.syncope.core.sync.impl.AbstractSyncopeResultHandler - About to
update [153]
14:21:58.464 DEBUG
org.apache.syncope.core.sync.impl.AbstractSyncopeResultHandler - About to
update 153
14:21:59.038 DEBUG
org.apache.syncope.core.sync.impl.AbstractSyncopeResultHandler -
Transformed: org.apache.syncope.common.mod.UserMod@2da65c20[
password=<null>
username=<null>
membershipsToAdd=[]
membershipsToRemove=[]
pwdPropRequest=<null>
securityQuestion=<null>
securityAnswer=<null>
resourcesToAdd=[]
resourcesToRemove=[]
id=153
attrsToUpdate=[]
attrsToRemove=[]
derAttrsToAdd=[]
derAttrsToRemove=[]
virAttrsToUpdate=[]
virAttrsToRemove=[]
]
But userTO has updates set in SyncAction as seen below:
:org.apache.syncope.common.to.UserTO@4ea504a[
memberships=[org.apache.syncope.common.to.MembershipTO@29def712[
roleId=151
roleName=USR
id=0
derAttrs=[]
virAttrs=[]
attrs=[]
creator=<null>
creationDate=<null>
lastModifier=<null>
lastChangeDate=<null>
]]
status=active
token=<null>
tokenExpireTime=<null>
username=98
lastLoginDate=<null>
changePwdDate=Thu Mar 19 18:29:17 ART 2015
failedLogins=0
securityQuestion=<null>
securityAnswer=<null>
resources=[Usuarios, menu]
propagationStatusTOs=[]
id=153
derAttrs=[]
virAttrs=[org.apache.syncope.common.to.AttributeTO@333d2ccb[
.....
Regards
2015-03-20 5:44 GMT-03:00 Marco Di Sabatino Di Diodoro <
marco.disabatino@tirasa.net>:
>
> Il 19/03/2015 22:44, Manfredo Hopp ha scritto:
>
> Thank you Marco I tested it with no errors but no memberships where
> created, maybe there is some configuration missing. I verified action
> class containing your code is active.
>
>
> Please debug your syncAction and show syncope core logs.
> In my example, the sync action assigns a role to an user. Also if you
> want to associate a membership attribute, you have to add other code.
>
> Before this, you will need to create a membership schema, a role and
> configure the template in your Role and SyncAction:
>
> UserTO userTO = (UserTO) subject;
>
> MembershipTO membershipTO = new MembershipTO();
> membershipTO.setRoleId(roleId);
> final AttributeTO attributeTO = new AttributeTO();
> attributeTO.setSchema("membershipSchemaName");
> attributeTO.getValues().add("values");
>
> //Add membership attribute
> membershipTO.getAttrs().add(attributeTO);
> //Add role to the user
> userTO.getMemberships().add(membershipTO);
>
> Regards
> M
>
>
>
> Regards
>
> 2015-03-19 12:34 GMT-03:00 Marco Di Sabatino Di Diodoro <
> marco.disabatino@tirasa.net>:
>
>> Hi Manfredo,
>>
>> Il 19/03/2015 16:09, Manfredo Hopp ha scritto:
>>
>> Thank you Marco is it possible to do the same through SyncAction?
>>
>> I tried with:
>>
>> Membership mem = new Membership();
>> mem.setSyncopeRole(r);
>> mem.setSyncopeUser(u);
>>
>>
>> UserTO userTO = (UserTO) subject;
>>
>> MembershipTO membershipTO = new MembershipTO();
>> membershipTO.setRoleId(roleId);
>>
> userTO.getMemberships().add(membershipTO);
>>
>> Regards
>> Marco
>>
>>
>
>> Regards
>>
>>
>> 2015-03-19 5:38 GMT-03:00 Marco Di Sabatino Di Diodoro <
>> marco.disabatino@tirasa.net>:
>>
>>> Hi Manfredo,
>>>
>>> Il 18/03/2015 21:23, Manfredo Hopp ha scritto:
>>>
>>> Hi, from doc.
>>>
>>> "The primary purpose of identity management systems is to manage data
>>> belonging to *users*; it is common practice in such systems to define
>>> as well entities called *roles* that helps in defining and enforcing
>>> security policies. In addition to this, Syncope explicitly represents the
>>> fact that users can be assigned to roles by mean of *memberships*."
>>>
>>> How is the latter achieved, or how is it possible to assign users to
>>> Memberships.
>>> I tried to create a Membership setting user and role but doesnt seem to
>>> work..
>>>
>>> To be able to assign a role to a user and populate the membership you
>>> must perform the following steps:
>>>
>>> 1) Go to Schema tab, then click Membership subtab.
>>> 2) Create a new membership.
>>> 3) Click to Roles tab, then create a new Role.
>>> 4) In the configuration of the new role, you must not forget to add the membership
>>> attribute. To do this, you need to go under the Template subtab from
>>> edit RoleModalPage and move the membership schema from Available to
>>> Selected.
>>> 5) Save.
>>>
>>> You are ready to create a new user, assign a role and and populate the
>>> value of its membership.
>>>
>>> 1) Go to User Tab.
>>> 2) Click on create.
>>> 3) Fill all fields.
>>> 4) Click on Roles subtab.
>>> 5) Add the role that you have configured before.
>>> 6) In "Selected Roles", click edit link.
>>> 7) Enter the value in your membership field.
>>>
>>> Regards
>>> Marco
>>>
>>>
>>>
>>> Regards
>>>
>>>
>>> --
>>> Dott. Marco Di Sabatino Di Diodoro
>>> Tel. +39 3939065570
>>>
>>> Tirasa S.r.l.
>>> Viale D'Annunzio 267 - 65127 Pescara
>>> Tel +39 0859116307 / FAX +39 0859111173http://www.tirasa.net
>>>
>>> Apache Syncope PMC Memberhttp://people.apache.org/~mdisabatino/
>>>
>>>
>>
>> --
>> Dott. Marco Di Sabatino Di Diodoro
>> Tel. +39 3939065570
>>
>> Tirasa S.r.l.
>> Viale D'Annunzio 267 - 65127 Pescara
>> Tel +39 0859116307 / FAX +39 0859111173http://www.tirasa.net
>>
>> Apache Syncope PMC Memberhttp://people.apache.org/~mdisabatino/
>>
>>
>
> --
> Dott. Marco Di Sabatino Di Diodoro
> Tel. +39 3939065570
>
> Tirasa S.r.l.
> Viale D'Annunzio 267 - 65127 Pescara
> Tel +39 0859116307 / FAX +39 0859111173http://www.tirasa.net
>
> Apache Syncope PMC Memberhttp://people.apache.org/~mdisabatino/
>
>
Re: Memberships
Posted by Manfredo Hopp <mh...@gmail.com>.
Should users with same id have same usersTO object in different SyncActions
methods?
If answer is yes I have a SyncAction where this is not happening.
UserTo object with userid(153) in beforeUpdate() method :
org.apache.syncope.common.to.UserTO@3af4d81a[
memberships=[]
status=active
token=<null>
tokenExpireTime=<null>
username=98
lastLoginDate=<null>
changePwdDate=Thu Mar 19 18:29:17 ART 2015
failedLogins=0
securityQuestion=<null>
securityAnswer=<null>
resources=[Usuarios, menu]
propagationStatusTOs=[]
id=153
UserTo object with userid(153) in after() method :
org.apache.syncope.common.to.UserTO@3ea5de[
memberships=[]
status=active
token=<null>
tokenExpireTime=<null>
username=98
lastLoginDate=<null>
changePwdDate=Thu Mar 19 18:29:17 ART 2015
failedLogins=0
securityQuestion=<null>
securityAnswer=<null>
resources=[Usuarios, menu]
propagationStatusTOs=[]
id=153
2015-03-20 5:44 GMT-03:00 Marco Di Sabatino Di Diodoro <
marco.disabatino@tirasa.net>:
>
> Il 19/03/2015 22:44, Manfredo Hopp ha scritto:
>
> Thank you Marco I tested it with no errors but no memberships where
> created, maybe there is some configuration missing. I verified action
> class containing your code is active.
>
>
> Please debug your syncAction and show syncope core logs.
> In my example, the sync action assigns a role to an user. Also if you
> want to associate a membership attribute, you have to add other code.
>
> Before this, you will need to create a membership schema, a role and
> configure the template in your Role and SyncAction:
>
> UserTO userTO = (UserTO) subject;
>
> MembershipTO membershipTO = new MembershipTO();
> membershipTO.setRoleId(roleId);
> final AttributeTO attributeTO = new AttributeTO();
> attributeTO.setSchema("membershipSchemaName");
> attributeTO.getValues().add("values");
>
> //Add membership attribute
> membershipTO.getAttrs().add(attributeTO);
> //Add role to the user
> userTO.getMemberships().add(membershipTO);
>
> Regards
> M
>
>
>
> Regards
>
> 2015-03-19 12:34 GMT-03:00 Marco Di Sabatino Di Diodoro <
> marco.disabatino@tirasa.net>:
>
>> Hi Manfredo,
>>
>> Il 19/03/2015 16:09, Manfredo Hopp ha scritto:
>>
>> Thank you Marco is it possible to do the same through SyncAction?
>>
>> I tried with:
>>
>> Membership mem = new Membership();
>> mem.setSyncopeRole(r);
>> mem.setSyncopeUser(u);
>>
>>
>> UserTO userTO = (UserTO) subject;
>>
>> MembershipTO membershipTO = new MembershipTO();
>> membershipTO.setRoleId(roleId);
>>
> userTO.getMemberships().add(membershipTO);
>>
>> Regards
>> Marco
>>
>>
>
>> Regards
>>
>>
>> 2015-03-19 5:38 GMT-03:00 Marco Di Sabatino Di Diodoro <
>> marco.disabatino@tirasa.net>:
>>
>>> Hi Manfredo,
>>>
>>> Il 18/03/2015 21:23, Manfredo Hopp ha scritto:
>>>
>>> Hi, from doc.
>>>
>>> "The primary purpose of identity management systems is to manage data
>>> belonging to *users*; it is common practice in such systems to define
>>> as well entities called *roles* that helps in defining and enforcing
>>> security policies. In addition to this, Syncope explicitly represents the
>>> fact that users can be assigned to roles by mean of *memberships*."
>>>
>>> How is the latter achieved, or how is it possible to assign users to
>>> Memberships.
>>> I tried to create a Membership setting user and role but doesnt seem to
>>> work..
>>>
>>> To be able to assign a role to a user and populate the membership you
>>> must perform the following steps:
>>>
>>> 1) Go to Schema tab, then click Membership subtab.
>>> 2) Create a new membership.
>>> 3) Click to Roles tab, then create a new Role.
>>> 4) In the configuration of the new role, you must not forget to add the membership
>>> attribute. To do this, you need to go under the Template subtab from
>>> edit RoleModalPage and move the membership schema from Available to
>>> Selected.
>>> 5) Save.
>>>
>>> You are ready to create a new user, assign a role and and populate the
>>> value of its membership.
>>>
>>> 1) Go to User Tab.
>>> 2) Click on create.
>>> 3) Fill all fields.
>>> 4) Click on Roles subtab.
>>> 5) Add the role that you have configured before.
>>> 6) In "Selected Roles", click edit link.
>>> 7) Enter the value in your membership field.
>>>
>>> Regards
>>> Marco
>>>
>>>
>>>
>>> Regards
>>>
>>>
>>> --
>>> Dott. Marco Di Sabatino Di Diodoro
>>> Tel. +39 3939065570
>>>
>>> Tirasa S.r.l.
>>> Viale D'Annunzio 267 - 65127 Pescara
>>> Tel +39 0859116307 / FAX +39 0859111173http://www.tirasa.net
>>>
>>> Apache Syncope PMC Memberhttp://people.apache.org/~mdisabatino/
>>>
>>>
>>
>> --
>> Dott. Marco Di Sabatino Di Diodoro
>> Tel. +39 3939065570
>>
>> Tirasa S.r.l.
>> Viale D'Annunzio 267 - 65127 Pescara
>> Tel +39 0859116307 / FAX +39 0859111173http://www.tirasa.net
>>
>> Apache Syncope PMC Memberhttp://people.apache.org/~mdisabatino/
>>
>>
>
> --
> Dott. Marco Di Sabatino Di Diodoro
> Tel. +39 3939065570
>
> Tirasa S.r.l.
> Viale D'Annunzio 267 - 65127 Pescara
> Tel +39 0859116307 / FAX +39 0859111173http://www.tirasa.net
>
> Apache Syncope PMC Memberhttp://people.apache.org/~mdisabatino/
>
>
Re: Memberships
Posted by Marco Di Sabatino Di Diodoro <ma...@tirasa.net>.
Il 19/03/2015 22:44, Manfredo Hopp ha scritto:
> Thank you Marco I tested it with no errors but no memberships where
> created, maybe there is some configuration missing. I verified action
> class containing your code is active.
Please debug your syncAction and show syncope core logs.
In my example, the sync action assigns a role to an user. Also if you
want to associate a membership attribute, you have to add other code.
Before this, you will need to create a membership schema, a role and
configure the template in your Role and SyncAction:
UserTO userTO = (UserTO) subject;
MembershipTO membershipTO = new MembershipTO();
membershipTO.setRoleId(roleId);
final AttributeTO attributeTO = new AttributeTO();
attributeTO.setSchema("membershipSchemaName");
attributeTO.getValues().add("values");
//Add membership attribute
membershipTO.getAttrs().add(attributeTO);
//Add role to the user
userTO.getMemberships().add(membershipTO);
Regards
M
>
>
> Regards
>
> 2015-03-19 12:34 GMT-03:00 Marco Di Sabatino Di Diodoro
> <marco.disabatino@tirasa.net <ma...@tirasa.net>>:
>
> Hi Manfredo,
>
> Il 19/03/2015 16:09, Manfredo Hopp ha scritto:
>> Thank you Marco is it possible to do the same through SyncAction?
>>
>> I tried with:
>>
>> Membership mem = new Membership();
>> mem.setSyncopeRole(r);
>> mem.setSyncopeUser(u);
>>
>
> UserTO userTO = (UserTO) subject;
>
> MembershipTO membershipTO = new MembershipTO();
> membershipTO.setRoleId(roleId);
>
> userTO.getMemberships().add(membershipTO);
>
> Regards
> Marco
>
>>
>> Regards
>>
>>
>> 2015-03-19 5:38 GMT-03:00 Marco Di Sabatino Di Diodoro
>> <marco.disabatino@tirasa.net <ma...@tirasa.net>>:
>>
>> Hi Manfredo,
>>
>> Il 18/03/2015 21:23, Manfredo Hopp ha scritto:
>>> Hi, from doc.
>>>
>>> "The primary purpose of identity management systems is to
>>> manage data belonging to/users/; it is common practice in
>>> such systems to define as well entities called/roles/that
>>> helps in defining and enforcing security policies. In
>>> addition to this, Syncope explicitly represents the fact
>>> that users can be assigned to roles by mean of/memberships/."
>>>
>>> How is the latter achieved, or how is it possible to assign
>>> users to Memberships.
>>> I tried to create a Membership setting user and role but
>>> doesnt seem to work..
>> To be able to assign a role to a user and populate the
>> membership you must perform the following steps:
>>
>> 1) Go to Schema tab, then click Membership subtab.
>> 2) Create a new membership.
>> 3) Click to Roles tab, then create a new Role.
>> 4) In the configuration of the new role, you must not forget
>> to add the membership attribute. To do this, you need to go
>> under the Template subtab from edit RoleModalPage and move
>> the membership schema from Available to Selected.
>> 5) Save.
>>
>> You are ready to create a new user, assign a role and and
>> populate the value of its membership.
>>
>> 1) Go to User Tab.
>> 2) Click on create.
>> 3) Fill all fields.
>> 4) Click on Roles subtab.
>> 5) Add the role that you have configured before.
>> 6) In "Selected Roles", click edit link.
>> 7) Enter the value in your membership field.
>>
>> Regards
>> Marco
>>>
>>>
>>> Regards
>>>
>>
>> --
>> Dott. Marco Di Sabatino Di Diodoro
>> Tel. +39 3939065570
>>
>> Tirasa S.r.l.
>> Viale D'Annunzio 267 - 65127 Pescara
>> Tel +39 0859116307 / FAX +39 0859111173
>> http://www.tirasa.net
>>
>> Apache Syncope PMC Member
>> http://people.apache.org/~mdisabatino/ <http://people.apache.org/%7Emdisabatino/>
>>
>>
>
> --
> Dott. Marco Di Sabatino Di Diodoro
> Tel. +39 3939065570
>
> Tirasa S.r.l.
> Viale D'Annunzio 267 - 65127 Pescara
> Tel +39 0859116307 / FAX +39 0859111173
> http://www.tirasa.net
>
> Apache Syncope PMC Member
> http://people.apache.org/~mdisabatino/ <http://people.apache.org/%7Emdisabatino/>
>
>
--
Dott. Marco Di Sabatino Di Diodoro
Tel. +39 3939065570
Tirasa S.r.l.
Viale D'Annunzio 267 - 65127 Pescara
Tel +39 0859116307 / FAX +39 0859111173
http://www.tirasa.net
Apache Syncope PMC Member
http://people.apache.org/~mdisabatino/
Re: Memberships
Posted by Manfredo Hopp <mh...@gmail.com>.
Thank you Marco I tested it with no errors but no memberships where
created, maybe there is some configuration missing. I verified action
class containing your code is active.
Regards
2015-03-19 12:34 GMT-03:00 Marco Di Sabatino Di Diodoro <
marco.disabatino@tirasa.net>:
> Hi Manfredo,
>
> Il 19/03/2015 16:09, Manfredo Hopp ha scritto:
>
> Thank you Marco is it possible to do the same through SyncAction?
>
> I tried with:
>
> Membership mem = new Membership();
> mem.setSyncopeRole(r);
> mem.setSyncopeUser(u);
>
>
> UserTO userTO = (UserTO) subject;
>
> MembershipTO membershipTO = new MembershipTO();
> membershipTO.setRoleId(roleId);
> userTO.getMemberships().add(membershipTO);
>
> Regards
> Marco
>
>
>
> Regards
>
>
> 2015-03-19 5:38 GMT-03:00 Marco Di Sabatino Di Diodoro <
> marco.disabatino@tirasa.net>:
>
>> Hi Manfredo,
>>
>> Il 18/03/2015 21:23, Manfredo Hopp ha scritto:
>>
>> Hi, from doc.
>>
>> "The primary purpose of identity management systems is to manage data
>> belonging to *users*; it is common practice in such systems to define as
>> well entities called *roles* that helps in defining and enforcing
>> security policies. In addition to this, Syncope explicitly represents the
>> fact that users can be assigned to roles by mean of *memberships*."
>>
>> How is the latter achieved, or how is it possible to assign users to
>> Memberships.
>> I tried to create a Membership setting user and role but doesnt seem to
>> work..
>>
>> To be able to assign a role to a user and populate the membership you
>> must perform the following steps:
>>
>> 1) Go to Schema tab, then click Membership subtab.
>> 2) Create a new membership.
>> 3) Click to Roles tab, then create a new Role.
>> 4) In the configuration of the new role, you must not forget to add the membership
>> attribute. To do this, you need to go under the Template subtab from
>> edit RoleModalPage and move the membership schema from Available to
>> Selected.
>> 5) Save.
>>
>> You are ready to create a new user, assign a role and and populate the
>> value of its membership.
>>
>> 1) Go to User Tab.
>> 2) Click on create.
>> 3) Fill all fields.
>> 4) Click on Roles subtab.
>> 5) Add the role that you have configured before.
>> 6) In "Selected Roles", click edit link.
>> 7) Enter the value in your membership field.
>>
>> Regards
>> Marco
>>
>>
>>
>> Regards
>>
>>
>> --
>> Dott. Marco Di Sabatino Di Diodoro
>> Tel. +39 3939065570
>>
>> Tirasa S.r.l.
>> Viale D'Annunzio 267 - 65127 Pescara
>> Tel +39 0859116307 / FAX +39 0859111173http://www.tirasa.net
>>
>> Apache Syncope PMC Memberhttp://people.apache.org/~mdisabatino/
>>
>>
>
> --
> Dott. Marco Di Sabatino Di Diodoro
> Tel. +39 3939065570
>
> Tirasa S.r.l.
> Viale D'Annunzio 267 - 65127 Pescara
> Tel +39 0859116307 / FAX +39 0859111173http://www.tirasa.net
>
> Apache Syncope PMC Memberhttp://people.apache.org/~mdisabatino/
>
>
Re: Memberships
Posted by Marco Di Sabatino Di Diodoro <ma...@tirasa.net>.
Hi Manfredo,
Il 19/03/2015 16:09, Manfredo Hopp ha scritto:
> Thank you Marco is it possible to do the same through SyncAction?
>
> I tried with:
>
> Membership mem = new Membership();
> mem.setSyncopeRole(r);
> mem.setSyncopeUser(u);
>
UserTO userTO = (UserTO) subject;
MembershipTO membershipTO = new MembershipTO();
membershipTO.setRoleId(roleId);
userTO.getMemberships().add(membershipTO);
Regards
Marco
>
> Regards
>
>
> 2015-03-19 5:38 GMT-03:00 Marco Di Sabatino Di Diodoro
> <marco.disabatino@tirasa.net <ma...@tirasa.net>>:
>
> Hi Manfredo,
>
> Il 18/03/2015 21:23, Manfredo Hopp ha scritto:
>> Hi, from doc.
>>
>> "The primary purpose of identity management systems is to manage
>> data belonging to/users/; it is common practice in such systems
>> to define as well entities called/roles/that helps in defining
>> and enforcing security policies. In addition to this, Syncope
>> explicitly represents the fact that users can be assigned to
>> roles by mean of/memberships/."
>>
>> How is the latter achieved, or how is it possible to assign users
>> to Memberships.
>> I tried to create a Membership setting user and role but doesnt
>> seem to work..
> To be able to assign a role to a user and populate the membership
> you must perform the following steps:
>
> 1) Go to Schema tab, then click Membership subtab.
> 2) Create a new membership.
> 3) Click to Roles tab, then create a new Role.
> 4) In the configuration of the new role, you must not forget to
> add the membership attribute. To do this, you need to go under the
> Template subtab from edit RoleModalPage and move the membership
> schema from Available to Selected.
> 5) Save.
>
> You are ready to create a new user, assign a role and and populate
> the value of its membership.
>
> 1) Go to User Tab.
> 2) Click on create.
> 3) Fill all fields.
> 4) Click on Roles subtab.
> 5) Add the role that you have configured before.
> 6) In "Selected Roles", click edit link.
> 7) Enter the value in your membership field.
>
> Regards
> Marco
>>
>>
>> Regards
>>
>
> --
> Dott. Marco Di Sabatino Di Diodoro
> Tel. +39 3939065570
>
> Tirasa S.r.l.
> Viale D'Annunzio 267 - 65127 Pescara
> Tel +39 0859116307 / FAX +39 0859111173
> http://www.tirasa.net
>
> Apache Syncope PMC Member
> http://people.apache.org/~mdisabatino/ <http://people.apache.org/%7Emdisabatino/>
>
>
--
Dott. Marco Di Sabatino Di Diodoro
Tel. +39 3939065570
Tirasa S.r.l.
Viale D'Annunzio 267 - 65127 Pescara
Tel +39 0859116307 / FAX +39 0859111173
http://www.tirasa.net
Apache Syncope PMC Member
http://people.apache.org/~mdisabatino/
Re: Memberships
Posted by Manfredo Hopp <mh...@gmail.com>.
Thank you Marco is it possible to do the same through SyncAction?
I tried with:
Membership mem = new Membership();
mem.setSyncopeRole(r);
mem.setSyncopeUser(u);
Regards
2015-03-19 5:38 GMT-03:00 Marco Di Sabatino Di Diodoro <
marco.disabatino@tirasa.net>:
> Hi Manfredo,
>
> Il 18/03/2015 21:23, Manfredo Hopp ha scritto:
>
> Hi, from doc.
>
> "The primary purpose of identity management systems is to manage data
> belonging to *users*; it is common practice in such systems to define as
> well entities called *roles* that helps in defining and enforcing
> security policies. In addition to this, Syncope explicitly represents the
> fact that users can be assigned to roles by mean of *memberships*."
>
> How is the latter achieved, or how is it possible to assign users to
> Memberships.
> I tried to create a Membership setting user and role but doesnt seem to
> work..
>
> To be able to assign a role to a user and populate the membership you must perform
> the following steps:
>
> 1) Go to Schema tab, then click Membership subtab.
> 2) Create a new membership.
> 3) Click to Roles tab, then create a new Role.
> 4) In the configuration of the new role, you must not forget to add the membership
> attribute. To do this, you need to go under the Template subtab from edit
> RoleModalPage and move the membership schema from Available to Selected.
> 5) Save.
>
> You are ready to create a new user, assign a role and and populate the
> value of its membership.
>
> 1) Go to User Tab.
> 2) Click on create.
> 3) Fill all fields.
> 4) Click on Roles subtab.
> 5) Add the role that you have configured before.
> 6) In "Selected Roles", click edit link.
> 7) Enter the value in your membership field.
>
> Regards
> Marco
>
>
>
> Regards
>
>
> --
> Dott. Marco Di Sabatino Di Diodoro
> Tel. +39 3939065570
>
> Tirasa S.r.l.
> Viale D'Annunzio 267 - 65127 Pescara
> Tel +39 0859116307 / FAX +39 0859111173http://www.tirasa.net
>
> Apache Syncope PMC Memberhttp://people.apache.org/~mdisabatino/
>
>
Re: Memberships
Posted by Marco Di Sabatino Di Diodoro <ma...@tirasa.net>.
Hi Manfredo,
Il 18/03/2015 21:23, Manfredo Hopp ha scritto:
> Hi, from doc.
>
> "The primary purpose of identity management systems is to manage data
> belonging to/users/; it is common practice in such systems to define
> as well entities called/roles/that helps in defining and enforcing
> security policies. In addition to this, Syncope explicitly represents
> the fact that users can be assigned to roles by mean of/memberships/."
>
> How is the latter achieved, or how is it possible to assign users to
> Memberships.
> I tried to create a Membership setting user and role but doesnt seem
> to work..
To be able to assign a role to a user and populate the membership you
must perform the following steps:
1) Go to Schema tab, then click Membership subtab.
2) Create a new membership.
3) Click to Roles tab, then create a new Role.
4) In the configuration of the new role, you must not forget to add the
membership attribute. To do this, you need to go under the Template
subtab from edit RoleModalPage and move the membership schema from
Available to Selected.
5) Save.
You are ready to create a new user, assign a role and and populate the
value of its membership.
1) Go to User Tab.
2) Click on create.
3) Fill all fields.
4) Click on Roles subtab.
5) Add the role that you have configured before.
6) In "Selected Roles", click edit link.
7) Enter the value in your membership field.
Regards
Marco
>
>
> Regards
>
--
Dott. Marco Di Sabatino Di Diodoro
Tel. +39 3939065570
Tirasa S.r.l.
Viale D'Annunzio 267 - 65127 Pescara
Tel +39 0859116307 / FAX +39 0859111173
http://www.tirasa.net
Apache Syncope PMC Member
http://people.apache.org/~mdisabatino/