Changes between Version 25 and Version 26 of S3/S3AAA/OrgAuth


Ignore:
Timestamp:
09/04/12 10:14:21 (13 years ago)
Author:
Dominic König
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • S3/S3AAA/OrgAuth

    v25 v26  
    1919=== Role Restrictions ===
    2020
    21 In all !OrgAuth policies (6, 7 and 8), a role assignment for a user (and thus all the permissions the user receives out of this role) can be restricted to a particular realm.
     21In all !OrgAuth policies (6, 7 and 8), a role assignment for a user (and thus all the permissions the user receives out of this role) can be restricted to a particular realm:
     22
     23[[Image(orgauth1.png)]]
     24
     25The realm for each role assignment can be chosen from the "''for Entity''" list.
     26
     27[[Image(orgauth2.png)]]
     28
     29In this list there is also an entry for "All Entities" which means that this role assignment is ''not'' restricted to a realm, but applies site-side (=for all records regardless of their respective owner entity).
     30
     31The entry "Default Realm" means all entities the user is (or will be) an organisation unit of at the time of the request authorization.
     32
     33That means, any future affiliation of the current user will assign the user this role for the respective entity.
    2234=== Realm Hierarchy ===
    2335