[security-dev] how to model services managed by a realm
Bill Burke
bburke at redhat.com
Mon Jun 10 18:28:05 EDT 2013
I'm trying to figure out how to do the following scenario with the
IdentityManager API:
* A realm with N users
* A realm which manages X applications
* Each application has Y roles
* Users have role mappings for each of those roles
I'll need to be able to query:
* What are the applications in the realm
* What roles does a service have
* What are the role mappings for each service for a particular user
It looks like a Role only has a name. So, I can't have "admin" role for
each of my services and different role mappings per service. Would I
have to model this as different "partitions"? I see that you can create
"partitions", but how do you create relationships between "partitions"
or share users between partitions?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the security-dev
mailing list