Uploaded image for project: 'Grouper'
  1. Grouper
  2. GRP-1627

Example of how to use Shib as an external privilege injection system

    XMLWordPrintable

    Details

    • Type: Documentation
    • Status: Resolved
    • Priority: Minor
    • Resolution: Invalid
    • Affects Version/s: 2.3.0
    • Fix Version/s: None
    • Component/s: UI, WS
    • Labels:
      None
    • Environment:
      2.4

      Description

      ref: https://spaces.internet2.edu/display/Grouper/API+Configuration

      "

      Using a privilege management system external to Grouper

      Grouper's internal security implementation relies on two java interfaces, one for Naming Privileges and another for Access Privileges. Grouper ships with classes that implement these interfaces, but 3rd parties are free to supply their own and so manage Grouper privileges using a privilege management system external to Grouper. Two properties declare the java classes that Grouper will use to implement these interfaces:

      Property Name Description
      privileges.access.interface classname of the java class that implements the Access Interface
      privileges.naming.interface classname of the java class that implements the Naming Interface

      Note: although we've provided the can and the dish, we haven't as yet eaten our own dogfood!

      "

       

      It would be a great add to the project to show how Grouper can leverage Shibboleth delivered assertions as a way to bootstrap Grouper privileges vai Shibboleth SSO.

      ALSO: (maybe this should be a separate doc request, but it is very related...)

      It would also be a similar great add to the project to show how Grouper can be leveraged by Shibboleth to deliver Grouper access policies vi Shibboleth assertions out to other SP's.

        Attachments

          Activity

            People

            • Assignee:
              mchyzer Chris Hyzer
              Reporter:
              black.123 Carey
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: