Hi again,
I didn’t want to do a thread high jacking so here a second mail with a complete other
question
If I’have a structure like:
User
- Role
Role
- User
- Permission
Permission
- Role
Now I want to get the authorization for some permission, So I have the information which
user and which Permission. Now I need to match the list.
The way it already work:
Get all Roles for a Permission
Search in the user for the Role
If found Authorization
Else no
Therefore I need at least two requests to the LDAP server
My Question:
Is it possible to send only the DN of a Permissions and tell the Server, that he/she need
to extract the Role attributes and check in the DN of a user for those Roles?
Can I Implement an overlay on the Server to manage this task or is it senseless to think
about such a task for the server?
Greetings John
--
Johannes Fischer
Wissenschaftlicher Angestellter
Fraunhofer-Institut für
Produktionstechnik und Automatisierung IPA
Kompetenzzentrum Digitale Werkzeuge in der Produktion
Nobelstraße 12 │ 70569 Stuttgart
Telefon +49 711 970-1217
johannes.fischer@ipa.fraunhofer.de<mailto:johannes.fischer@ipa.fraunhofer.de>
www.ipa.fraunhofer.de<http://www.ipa.fraunhofer.de/>
[cid:image002.png@01D0E168.63E7FA20]