Skip to topic | Skip to bottom
Home
Federation
Hello TWikiGuest

Create personal sidebar
Federation.GroupARPr1.2 - 24 Apr 2006 - 06:44 - BrucLiongtopic end
Start of topic | Skip to actions

Group ARP

Shibboleth comes with 2 types of ARPs:

  1. site wide ARP (i.e. the whole organization-wide ARP)
  2. user ARP

This has some limitation in which administrators of different departments could not manage attributes that belongs to their users. Specifically, admin of specific departments may want to create contracts -- hence releasing or denying certain attributes -- that are only applicable to their users.

Complexity of group ARPs is reached when a user belongs to multiple groups. This has accumulative affect to his ARPs and this is the power of Group ARP. Group hierarchy is in the agenda (as discussed on sharpe-users mailing list).

From this viewpoint Group ARP is introduced. Processing Group ARP has been integrated into SharpeCore in such away that it shares the same processing approach as site ARP and user ARP. ArpRepository? has been extended to understand group ARP such that Shibboleth as a whole would treat Group ARP on the same level as user or site ARP.

-- BrucLiong - 17 Feb 2006
to top

End of topic
Skip to action links | Back to top

Edit | Attach image or document | Printable version | Raw text | More topic actions
Revisions: | r1.2 | > | r1.1 | Total page history | Backlinks
You are here: Federation > ShARPE > SharpeCore > GroupARP

to top

Copyright © 1999-2008 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback