Il giorno 14/dic/2012, alle ore 16.08, Denis Signoretto ha scritto: > Hi Syncopers, > > I just read documentation about policies [1] and I need to clarify myself the > difference between > "Global" and "Simple" policy and the best way to define and use it. > > After some trials, I can guess that "Global policy" it's unique and applied > both to Syncope and to all resources associated with a user. It's right? > > If 'm right, I'm wondering if going to "Resource > Security" Tab > it would be better to hide the Global Password Policy in the selection list.
Hi Denis, "Global" policy will be applied always (simply because it exists). "Simple" policy will be applied if specified explicitly. Think about a password policy associated to a certain resource: it will be evaluated and enforced if and only if the user has that resource. Probably you are right. The Global policy shouldn't be specifiable for resource or roles. Can you take care to open a new issue for this? Regards, F. > > Thanks, > Denis. > > > [1] https://cwiki.apache.org/confluence/display/SYNCOPE/Policies > > > Denis Signoretto | Senior Project Manager > > Intesys - Via Roveggia 122 A - 37136 Verona > Tel. 045 503663 | Fax 045 503604 > [email protected] > www.intesys.it > Le informazioni contenute nella presente e-mail e nei suoi allegati > potrebbero essere confidenziali/riservate e sono dirette unicamente ai > destinatari sopra indicati. In caso di ricezione da parte di persona diversa > è vietato qualunque tipo di divulgazione o copia anche parziale. Chi riceva > questo messaggio per errore è pregato di inoltrarlo al mittente e di > cancellare questa e-mail. > > This e-mail and its attachments may contain confidential/reserved information > and is intended only for the use of the address(es) named above. If the > reader of this message is not the intended recipient of this message, please > note that distribution or copying of this communication is forbidden. Anyone > who receives this communication in error should return it immediately to the > sender and delete the message. >
