Hi Ishara, Thanks a lot for the clarification.
Regards, Ushani On 29 Nov 2017 5:46 pm, "Ishara Karunarathna" <[email protected]> wrote: > Hi Ushani, > > > On Wed, Nov 29, 2017 at 5:26 PM, Ushani Balasooriya <[email protected]> > wrote: > >> Hi IAM Team, >> >> Any update on this? >> > SP applications are specific to clients and IDP configurations are > specific to the Sever. > > For example lets say you create an application in FB and you can manage > it, if needed you assign different users to admin role then only they can > mange that application. > And FB support for user name password authentication later they decide to > add federation authentication support which is an IDP configuration so > thats managed by FB server admins. > > -Ishara > > > >> Thanks, >> Ushani >> >> On Wed, Nov 29, 2017 at 11:47 AM, Ushani Balasooriya <[email protected]> >> wrote: >> >>> Hi Maneesha, >>> >>> Thanks for the clarification. Appreciate if someone can explain why this >>> behavior is different for SP and IDPs? If there is an explanation would be >>> great to add it in to docs . >>> >>> Thanks, >>> Ushani >>> >>> On Wed, Nov 29, 2017 at 11:42 AM, Maneesha Wijesekara <[email protected] >>> > wrote: >>> >>>> Hi Ushani, >>>> >>>> As per the current implementation, a service provider only visible to >>>> the user who created, at first. When creating service providers, by default >>>> a role created as 'Application/{SERVICE_PROVIDER_NAME}. In order to >>>> make the service provider available for the selected users, you can assign >>>> users to this role and SP will visible to them as well. >>>> >>>> +1 to add this to the documents. >>>> >>>> Regards >>>> Maneesha >>>> >>>> On Wed, Nov 29, 2017 at 11:02 AM, Ushani Balasooriya <[email protected]> >>>> wrote: >>>> >>>>> Hi IAM team, >>>>> >>>>> Please consider the below example. >>>>> >>>>> 1. *admin* user belongs to *admin* role creates a SP named *adminsp* >>>>> and an IDP named *adminidp* >>>>> >>>>> 2. *admin1* user belongs to the same *admin* role creates a SP named >>>>> *admin1sp* and an IDP names *admin1idp*. >>>>> >>>>> So the current behavior is, >>>>> 1. Both *admin* and *admin1* users can see the existing *IDPs* ( >>>>> *adminidp* and *admin1idp*) when they log in to the management >>>>> console. >>>>> >>>>> 2. But they can only see the *SP* created by themselves. E.g., >>>>> *admin* can see only *adminsp* and *admin1* can see only *admin1sp*. >>>>> >>>>> Can you please explain whether this contradicting behavior is expected >>>>> or whether this is a bug? >>>>> >>>>> If not a bug please explain this why and it should go to documents. >>>>> >>>>> Thanks, >>>>> -- >>>>> *Ushani Balasooriya* >>>>> Associate Technical Lead - EE; >>>>> WSO2 Inc; http://www.wso2.com/. >>>>> Mobile; +94772636796 >>>>> >>>>> >>>> >>>> >>>> -- >>>> Maneesha Wijesekara >>>> Software Engineer - QA Team >>>> WSO2 Inc. >>>> >>>> Email: [email protected] >>>> Linkedin: http://linkedin.com/in/maneeshawijesekara >>>> Mobile: +94712443119 >>>> >>> >>> >>> >>> -- >>> *Ushani Balasooriya* >>> Associate Technical Lead - EE; >>> WSO2 Inc; http://www.wso2.com/. >>> Mobile; +94772636796 >>> >>> >> >> >> -- >> *Ushani Balasooriya* >> Associate Technical Lead - EE; >> WSO2 Inc; http://www.wso2.com/. >> Mobile; +94772636796 >> >> > > > -- > Ishara Karunarathna > Technical Lead > WSO2 Inc. - lean . enterprise . middleware | wso2.com > > email: [email protected], blog: isharaaruna.blogspot.com, mobile: > +94717996791 <+94%2071%20799%206791> > > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
