THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Note | ||
---|---|---|
| ||
The content below is for Apache Syncope <= 1.2 - for later versions the Reference Guide is available. |
Table of Contents | ||
---|---|---|
|
Introduction
A Role is an object that allows to group resource access rights to be assigned to the users
...
- security is granted by assigning entitlements to the roles;
- consistent provisioning is granted by assigning external resources to the roles in order to perform a role-based provisioning.
...
This wiki page aims to show how to manage roles via administration console.
Create new Role
- Click on Roles tab.
- Click on role you choose to be parent of the new role you are going to create (Fig. Roles Tab)..
- Click on Add child link.
- Provide attribute, derived attribute and virtual attribute values by clicking on the corresponding tabs (Fig. Add Attributes).:.
Provide derived attribute values by using JEXL Expressions.
: Providing virtual attribute remember that:- virtual attribute values won't be stored locally.
- virtual attribute values will be propagated onto external resources assigned.
- virtual attribute values will be retrieved from the external resources assigned.
- Further, you have to consider that currently roles cannot be propagated so, actually, virtual role attributes are not used.
- For more details about schema type take a look at Schema, Attributes and Mapping.
- Click on Resources tab to assign resources to the role (Fig. Choose resources)..
- Click on Entitlements tab to assign entitlements to the role (Fig. Choose entitlements)..
- Click on Security tab to specify account and password policies for the role.
: Check Inherit password policy to inherit password policy from the parent or choose one from Password Policy.
: Check Inherit account policy to inherit account policy from the parent or choose one from Account Policy. - Click on Save button.
Image:Roles_1.png|Fig. Roles Tab
Image:Roles_2.png|Fig. Choose resources
Image:Roles_3.png|Fig. Choose entitlements
Image:Roles_4.png|Fig. Add Attributes
Edit Role
- Click on Roles tab.
- Click on role to be modified (Fig. Roles Tab).
- Click on Edit link an provide information as shown at Create new Role paragraph.
- Click on Save button.
Delete Role
- Click on Roles tab.
- Click on role to be modified (Fig. Roles Tab).
- Click on Drop link.
- Confirm operation.
...