Hello Dominik, I haven't done it myself, but I'd start here:
https://www.freeipa.org/page/Web_App_Authentication Rafael On Thu, Apr 16, 2020 at 5:11 AM Dominik Vogt via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote: > Hi folks, > > on RHEL8.0, we've set up a small cluster with a FreeIPA server and > two clients, one running a browser (Firefox) and the other running > a web server (tomcat). (IdM is still configured with the > defaults.) > > Now, what is the proper way to tackle fine grained access control > to the web service? We want to do something like the IdM server > GUI, i.e. some users are authorized to use all the functions of > the GUI, others are restricted to editing or viewing a limited set > of pages, and others are locked out. So far I've looked into host > based authentication, but that doen't seem to solve the task at > hand. All access control should be done through Kerberos tickets. > > A pointer to related documentation would also help. > > Ciao > > Dominik ^_^ ^_^ > > -- > > Dominik Vogt > > _______________________________________________ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org > -- Rafael Guterres Jeffman Senior Software Engineer FreeIPA - Red Hat
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org