Hi, On Thu, May 26, 2011 at 10:20 AM, Hasini Gunasinghe <has...@wso2.com> wrote:
> This category name and the definition needs to be sorted out and I think > this discussion started to decide that. There is an jira [1] related to > this. > > In finalizing that, I have two questions: > 1. What is the actual requirement of displaying the category as 'Internal' > or 'External' in front of the role name? Because through UI, we enable > edit/delete options for a role only if the role is editable. > Internal/external categorization was introduced eliminate confusion. There were problems such as, -Why can't I edit this role? -Why can't I delete this role? If a role is editable/deletable (that means if WSO2 servers own this role) it was indicated internal. Otherwise external. Current usage of these categorization is wrong, and leads to more confusion. If you can suggest more better namings +1. tx, dimuthu > 2. IMO, above mentioned definition of *external* can lead to confusion when > the user store is external ldap with read/write permission, because then the > WSO2 UM may or may not have originated that role, but still it is editable > though management console. > > [1] https://wso2.org/jira/browse/CARBON-9195 > > Thanks, > Hasini. > > >> thanks, >> Amila. >> >>> >>> On Sun, May 22, 2011 at 11:10 AM, Hasini Gunasinghe <has...@wso2.com>wrote: >>> >>>> Hi, >>>> >>>> This is the understanding that I have regarding this. Please correct if >>>> anything is wrong. >>>> >>>> Differentiation of roles as external or internal is based on whether we >>>> manage user roles in the user store itself or in internal UM database in a >>>> hybrid manner. >>>> >>>> For an example, we find the above use case with LDAP user store where we >>>> can either manage roles in LDAP itself or in internal JDBC database in a >>>> hybrid manner (basically when user store is read only). >>>> >>>> In that case, internal role means: if a role is managed in internal UM >>>> database in a hybrid manner. >>>> external role means: if a role is managed in LDAP >>>> user store - can be either embedded LDAP or external LDAP. >>>> >>>> >>> Roles defined in embedded LDAP are not external. >>> >>> It really doesn't matter whether the underlying implementation is JDBC or >>> LDAP. Users should not be worrying about underlying implementation. >>> >>> tx, >>> dimuthul >>> >>> >>> >>>> I think above mail is related to issue: >>>> https://wso2.org/jira/browse/CARBON-9195. The issue reported there is >>>> the default behavior according to above understanding. >>>> Because JDBC user store manager handles roles in hybrid manner only when >>>> "read only" property is set to true in user-mgt.xml. >>>> >>>> Thanks, >>>> Hasini. >>>> >>>> On Fri, May 6, 2011 at 11:09 AM, Amila Jayasekara <ami...@wso2.com>wrote: >>>> >>>>> Hi All, >>>>> >>>>> How do we define whether a particular role is internal or external ? >>>>> (Role type) >>>>> >>>>> After a chat with Pavithra, we came to following conclusion. >>>>> >>>>> If a role is defined within a server we treat those as internal roles. >>>>> If a server reads role information from some other user store we >>>>> consider those as external roles. >>>>> >>>>> If above definition is not correct, please advice. >>>>> >>>>> Thanks >>>>> AmilaJ >>>>> _______________________________________________ >>>>> Carbon-dev mailing list >>>>> Carbon-dev@wso2.org >>>>> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>> >>>> >>>> >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> Carbon-dev@wso2.org >>> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> In functionality wise there is no issue. > > _______________________________________________ > Carbon-dev mailing list > Carbon-dev@wso2.org > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > >
_______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
