Re: [Dev] [IS] What is the usage of "Internal Role" in Identity Server Users and Roles

2014-09-17 Thread Darshana Gunawardana
Have we considered permission based access control rather having role based?.. Almost all our carbon access control done using permissions rather roles. On Tue, Sep 16, 2014 at 9:53 AM, Tharindu Edirisinghe wrote: > Thanks Suresh & Prasad... > > I think Option 2 and 3 suggested by Suresh togeth

Re: [Dev] [IS] What is the usage of "Internal Role" in Identity Server Users and Roles

2014-09-17 Thread Tharindu Edirisinghe
I checked the code (org.wso2.carbon.identity.application.mgt) and found that from all the places where the role is referred, it refers to the role from the applicationName. Therefore if let user specify the name for the role there are multiple places to be changed including the database level.

Re: [Dev] [IS] What is the usage of "Internal Role" in Identity Server Users and Roles

2014-09-16 Thread Bhathiya Jayasekara
Hi Suresh & IS team We also came across this and were in the same confusion, while we were using SP implementation to implement custom permissions for Storage Server. Can you please explain why we need such a role here? Can't an admin create this role manually with edit permissions only if they ne

Re: [Dev] [IS] What is the usage of "Internal Role" in Identity Server Users and Roles

2014-09-16 Thread Tharindu Edirisinghe
Thanks Suresh & Prasad... I think Option 2 and 3 suggested by Suresh together would solve the issue... but before that I have to check from where this role name is referred. If the user can change the role name, that name should be retrieved from all the places the where the role is used if for th

Re: [Dev] [IS] What is the usage of "Internal Role" in Identity Server Users and Roles

2014-09-15 Thread Prasad Tissera
[1] may help you on this. [1]. http://stackoverflow.com/questions/24830564/wso2-identity-server-internal-role-vs-role-in-external On Mon, Sep 15, 2014 at 12:31 PM, Tharindu Edirisinghe wrote: > Hi, > > I'm working on issue [1 ] and > noticed following

Re: [Dev] [IS] What is the usage of "Internal Role" in Identity Server Users and Roles

2014-09-15 Thread Suresh Attanayaka
However in the role of the application, those have edit permission to the application. That is why we have to be careful here. First question is, how we can get a role with the same name here. Three options here. 1. If role exist, don't try to create a new, use the existing - Issue : Users who wer

[Dev] [IS] What is the usage of "Internal Role" in Identity Server Users and Roles

2014-09-15 Thread Tharindu Edirisinghe
Hi, I'm working on issue [1 ] and noticed following. When registering a Service Provider, it creates an internal role with the same name given for SP. If we already have an internal role with the name given for the new SP, we cannot register the SP as t