Hello, Sorry once more :(
I would like to use Syncope in my app (using Spring Security) for user
authentication and authorisation.
I would like to know if mapping GrantedAuthority to Syncope's role is the way
to go ?I'm a bit lost, since there's also the notion of entitlements and groups.
In fact, when I look into syncope's code, I see : @PreAuthorize("hasRole('"
+ StandardEntitlement.ROLE_CREATE + "')")
public RoleTO create(final RoleTO roleTO) {
So I would say I should use entitlements and not roles.But entitlement appears
to be fixed (in StandardEntitlement class) and for syncope 'internal' use [1]
and [2] (aka checking if user has right to perform an action on syncope - and
not checking if user has right to peform action on whatever application).
Thanks,Adrian
P.S. Using Syncope 2.0.0-M2
[1]
http://syncope-user.1051894.n5.nabble.com/Entitlements-how-do-we-create-change-these-tp5707009p5707010.html<quote>entitlements
are not meant to be extended: their primary purpose is to define security
constraints on RESTful methods.</quote>
[2]
https://cwiki.apache.org/confluence/display/SYNCOPE/Authentication+and+authorization
