This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
integration:authorization [2018/05/18 10:26] 10.144.24.34 |
integration:authorization [2018/11/12 13:07] mpospisek [ADUCID authorization attributes] |
||
---|---|---|---|
Line 2: | Line 2: | ||
No-code relies on Apache. You can use any authorization method on ADUCID Apache or ProxyPass to another Apache and resolve authorization there. | No-code relies on Apache. You can use any authorization method on ADUCID Apache or ProxyPass to another Apache and resolve authorization there. | ||
ADUCID security default application are authorized by Apache with group file authorization. It is recommended to used " | ADUCID security default application are authorized by Apache with group file authorization. It is recommended to used " | ||
+ | <sxh bash> | ||
< | < | ||
Require valid-user | Require valid-user | ||
Require group registrator | Require group registrator | ||
</ | </ | ||
+ | </ | ||
===== ADUCID authorization attributes ===== | ===== ADUCID authorization attributes ===== | ||
We add two atrribute sets to support Apache authorization: | We add two atrribute sets to support Apache authorization: | ||
You can force it using Require role aducid:XXX | You can force it using Require role aducid:XXX | ||
+ | <sxh bash> | ||
< | < | ||
Require valid-user | Require valid-user | ||
Require role aducid: | Require role aducid: | ||
</ | </ | ||
+ | </ | ||
Personal factor states: | Personal factor states: | ||
* PF_VERIFIED - personal factor has been verified | * PF_VERIFIED - personal factor has been verified | ||
Line 21: | Line 22: | ||
* PF_MISSING - user has no PF/CF | * PF_MISSING - user has no PF/CF | ||
- | Personal factor | + | Proofing |
* APPROVED - user is proofed | * APPROVED - user is proofed | ||
- | * | + | * PROOFING_IN_PROGRESS – user proofing is running |
+ | * NO_PROOFING_STATUS – proofing did not start yet | ||
+ | |||
+ | PEIG type states: | ||
+ | * USER – PEIG is linked to user | ||
+ | * NO_PEIG_TYPE – PEIG type is unknown | ||
+ | * MACHINE (future IOT support - PEIG is linked to a machine) | ||
+ | |||