user2931648
Reputation: 3
WSO2 Identity Server - Role management
I have few doubts on configuring RBAC in WSO2:
- are supported hierarchical roles?
- is it possible to associate different roles to a user depending to a different authorization contexts? I.e. in DeptA a user can access a certain resource since having a manager role, while in DeptB cannot since having normal employee role.
- RBAC can be implemented with XACML policies? Any sample policies available with hierarchical roles?
Upvotes: 0
Views: 649
Answers (1)
Pushpalanka
Reputation: 877
In WSO2-IS, it's the permission model that is hierarchical. Permissions can be assigned to a role in a fine-grained or a coarse-grained manner.
I think this is not straightforward.If the resource is identified with the Dept, we will be able to control it's permission there. If so this can be handled with XACML policies as well.
This sample policy may be of some help to you. http://pushpalankajaya.blogspot.com/2013/06/xacml-30-policies-multiple-rules-5.html
Upvotes: 0
Related Questions
- wso2 Identity Server 5.7.0 Service Provider how set User role?
- Enabling Role-Based Access Control Using XACML - Error occurred while evaluating the policy
- WSO2 IS 5.4: Add a custom ROLE to Service Provider level
- XACML selected role authorization example - XACML for RBAC
- WSO2 roles & Permission Identity server for OAuth2
- Role hierachy in WSO2 IS
- wso2 Identity Server - ACL based on role to manage user access to webapps
- WSO2 IS 5.0 SP1 : User/Role management in Multitenancy
- WSO2 Identity Server Get role permissions
- WSO2 Identity Server managing users and roles through API