Hi,

We're working on the following problem:

We would like to store the web portal privileges in the ldap, so that:

Ldap user A
    is allowed to use portal X
    is allowed to read in application Y of portal X
    is allowed to write in application Y of portal X
    is allowed to read in application Z of portal X
    is allowed to use portal X2
    is allowed to administer application Y1 of portal X2

Ldap user B
    is allowed to access portal X2
    is allowed to read in application Y4 in X2
    is allowed to administer application Y5 in X2

etc.

What is the best way to implement this in LDAP in terms of which schema to
use and whether we should store the authorization information in the user
objects or should we create a separate tree with portal/application objects
that would have authorization information in them?

This seems like a very standard problem to me but I could not find any
standard implementation of this (Google, mailing list search, etc.).

Ideally we would like to have a PHP and/or Perl API to be able to do that.

Any pointers will be greatly appreciated.

Best regards,

Alexis Yushin

--
Mobile: +31 (0)65 427 0754
Office: +31 (0)20-7947500
Fax: +31 (0)20-7947599

[EMAIL PROTECTED]




