Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
integration:authorization [2018/11/12 13:07]
mpospisek [ADUCID authorization attributes]
integration:authorization [2019/08/01 08:36] (current)
tjotov old revision restored (2019/08/01 08:27)
Line 1: Line 1:
-====== Authorization in No-code ====== 
-No-code relies on Apache. You can use any authorization method on ADUCID Apache or ProxyPass to another Apache and resolve authorization there. 
-ADUCID security default application are authorized by Apache with group file authorization. It is recommended to used "​Advanced"​ authorization for better performance and manageability. 
-<sxh bash> 
- <​RequireAll>​ 
- Require valid-user 
- Require group registrator 
- </​RequireAll>​ 
-</​sxh>​ 
-===== ADUCID authorization attributes ===== 
-We add two atrribute sets to support Apache authorization:​ personal factor and proofing. ​ 
-You can force it using Require role aducid:XXX 
-<sxh bash> 
- <​RequireAll>​ 
- Require valid-user 
- Require role aducid:​PF_VERIFIED 
- </​RequireAll> ​ 
-</​sxh>​ 
-Personal factor states: 
-  * PF_VERIFIED - personal factor has been verified 
-  * CF_VERIFIED - comfort factor has been verified 
-  * PF_MISSING - user has no PF/CF 
- 
-Proofing states: 
-  * APPROVED - user is proofed 
-  * PROOFING_IN_PROGRESS – user proofing is running 
-  * NO_PROOFING_STATUS – proofing did not start yet 
- 
-PEIG type states: 
-  * USER – PEIG is linked to user 
-  * NO_PEIG_TYPE – PEIG type is unknown 
-  * MACHINE (future IOT support - PEIG is linked to a machine) 
- 
- 
- 
  
  • integration/authorization.1542028022.txt.gz
  • Last modified: 2018/11/12 13:07
  • by mpospisek