Re: Need guidance

Fri, 06 Dec 2013 01:03:22 -0800 

On 05/12/2013 14:18, Rajeswari Raghunathan wrote:

Hi,

Is there any we can add customized entitlement for roles?


Hi,
as explained below, entitlements are only for internal usage, so, even there could be some hack to extend the predefined set of entitlements, I wouldn't suggest to do it.
Instead, if you need to associate some kind of authorization-related information to roles, why don't you define a multi-value enum role schema? This will not, of course, provide you with any enforcement mechanism, but at least will give you the chance to define and maintain the authorization information. 

Regards.
On Fri, Nov 29, 2013 at 4:24 PM, Francesco Chicchiriccò <[email protected] <mailto:[email protected]>> wrote: 

    On 29/11/2013 07:08, Rajeswari Raghunathan wrote:

        Hi,

        I need another guidance in Rest api for authenticating and
        authorizing the user.
         eg.. 1. is there any rest api through which user name and
        password will be sent in request and in response  status of
        authentication will be sent??
        2. Another api for authorization??

        if you can provide me any documentation for this it will be
        useful.
        Actually i want to connect from nodejs to Apache syncope.,if
        you need any further information let me know.


    Hi,
    first of all, please bare in mind that Syncope is mainly a
    provisioning engine, not actually an access manager, like as CAS
    [1], for example.
    This means you cannot easily use Syncope for implementing SSO or
    to centralize the authorization of a set of external applications:
    Syncope defines its own entitlements [2], but they are
    *exclusively* for internal usage.

    Having said that, you can look at [3] for REST reference (I assume
    you are on 1.1.X, right?): the simplest call for your requirements is

    GET /auth/entitlements.json (if using Spring MVC)
    GET /entitlements/own.json (if using CXF)

    This call is protected by Basic Authentication, so if
    authentication is failing, an Exception will be raised.
    When successful, instead, a list of owned entitlements will be
    returned.

    [1] http://www.jasig.org/cas
    [2]
    
https://cwiki.apache.org/confluence/display/SYNCOPE/Authentication+and+authorization
    [3]
    https://cwiki.apache.org/confluence/display/SYNCOPE/REST+API+upgrade



--
Francesco Chicchiriccò

Tirasa - Open Source Excellence
http://www.tirasa.net/

ASF Member, Apache Syncope PMC chair, Apache Cocoon PMC Member
http://people.apache.org/~ilgrosso/

Reply via email to