Personal tools

Log in

Saml:SamlRoles

From Adapt

Revision as of 23:52, 11 September 2008 by Scsong (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

SAML Roles used in PAWN

A more up to date list of these roles can always be found in the SAMLRoles source file in the pawn-ws-sec project.

urn:pawn:role:user_ - pawn client, standard user w/ no administrative or management priviledge

urn:pawn:role:manager - domain manager, if a client presents this, you usually check the authority uri in the certificate to make sure the assertion domain matches the domain where the user is trying to act.

urn:pawn:role:administrator - global administrator, usually this should only be trusted from select authorities

urn:pawn:role:scheduler - system role for schedulers talking to receiving servers and possibly managers, this should be restricted to certain authorities.

-- Main.MikeSmorul - 12 Sep 2005

Retrieved from "https://wiki.umiacs.umd.edu/adapt/index.php?title=Saml:SamlRoles&oldid=1990"