This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
integration:authorization [2018/05/18 10:23] 10.144.24.34 |
integration:authorization [2019/08/01 08:35] tjotov [ADUCID authorization attributes] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Authorization in No-code ====== | ====== Authorization in No-code ====== | ||
- | No-code relies on Apache. You can use any authorization method on ADUCID Apache or ProxyPass to another Apache and resolve authorization there. | + | No-Code relies on Apache. You can use any authorization method on ADUCID Apache or ProxyPass to another Apache and resolve authorization there. |
ADUCID security default application are authorized by Apache with group file authorization. It is recommended to used " | ADUCID security default application are authorized by Apache with group file authorization. It is recommended to used " | ||
- | + | <sxh bash> | |
- | < | + | < |
Require valid-user | Require valid-user | ||
Require group registrator | Require group registrator | ||
- | </ | + | </ |
- | + | </sxh> | |
- | ===== ADUCID authorization attributes ===== | + | |
- | We add two atrribute sets to support Apache authorization: | + | |
- | You can force it using Require role aducid: | + | |
- | < | + | |
- | Require valid-user | + | |
- | Require role aducid: | + | |
- | </RequireAll> | + | |
- | + | ||
- | Personal factor states: | + | |
- | * PF_VERIFIED - personal factor has been verified | + | |
- | * CF_VERIFIED - comfort factor has been verified | + | |
- | * PF_MISSING - user has no PF/CF | + | |