Adam Tauno Williams wrote:
On Mon, 2008-10-13 at 11:02 -0500, Dustin Puryear wrote:
Details were in short supply in that original email, agreed.
I'm a little confused why the traditional roles or group membership
model won't work here? I can see the need to create an aux or even
structural objectclass for the application information, but assigning
rights should be a snap and could use what is already there.
Or am I missing something?
Ditto, the above. And with the advantage that most [all?] LDAP tools
understand groupOfNames and provide some support for group management
Thanks for your help all. I guess I'm the one who is missing something ;-)
The pdf in the link from Dieter earlier was helpful, because I did not
know about the "traditional roles or group membership model".
I'll describe what the project is about: we are building a portal
(hippo-portal, based on jetspeed) where there will be all kind of
portlets on the pages. You have to authenticate first (ldap). Which
portlets somebody can see, or what they can do in the porlet (read-only,
read/write for example) is depended on who you are.
I'm experimenting with the groupOfNames below my Module container, and
it looks like I can skip some of my custom classes with that.
Thanks a lot.
Wessel
