Thanks Shawn,
That's what i wanted to check. :)
Regards,
Damian
On 7/19/2016 8:44 PM, Shawn McKinney wrote:
On Jul 19, 2016, at 11:27 AM, Damianos Metallidis <[email protected]> wrote:
Thanks for the answer.
Actually it was on the realm project too some of the authentications controls i
wanted to handle.
I want to ask one more question. I am entering the application as test/password
and i do have full access to the application of fortress-web.
Is there any username password that will give me limited access, let's say for
example that i will get access only on the USERS panel or the ROLE?
(Will AccessMgr handle this?)
Hey Damianos,
Take a look at the FortressWebDemoUsers.xml file in the fortress web project.
https://github.com/apache/directory-fortress-commander/blob/master/src/main/resources/FortressWebDemoUsers.xml
This file defines the security policy that is in effect. In there you will see
that there are a number of roles defined, one for each page in the app. The
‘test' user has been assigned the fortress-web-super-user which inherits all of
the page roles. :
<adduserrole>
<userrole userId="test" name="fortress-web-super-user” ...
<userrole userId="test1" name="ROLE_USERS” …
</adduserrole>
To test a user that only has access to users page, try ‘test1'.
This file is just for testing and you should create your own policy that fits
your security requirements. Of course you can use the fortress-web app itself
to set that policy. Or, create your own version of a policy load file using
the above as a guide.
Shawn
