Personal tools

Saml:SamlRoles

From Adapt

Jump to: navigation, search

SAML Roles used in PAWN

A more up to date list of these roles can always be found in the SAMLRoles source file in the pawn-ws-sec project.

  • urn:pawn:role:user_ - pawn client, standard user w/ no administrative or management priviledge
  • urn:pawn:role:manager - domain manager, if a client presents this, you usually check the authority uri in the certificate to make sure the assertion domain matches the domain where the user is trying to act.
  • urn:pawn:role:scheduler - system role for schedulers talking to receiving servers and possibly managers, this should be restricted to certain authorities.

-- Main.MikeSmorul - 12 Sep 2005