Changes between Version 27 and Version 28 of S3/S3AAA/OrgAuth


Ignore:
Timestamp:
09/04/12 10:21:05 (12 years ago)
Author:
Dominic König
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • S3/S3AAA/OrgAuth

    v27 v28  
    2323[[Image(orgauth1.png)]]
    2424
    25 The realm for each role assignment can be chosen from the "''for Entity''" list.
     25To remove role assignments, tick the respective checkboxes under "Currently Assigned Roles" and then click "Remove.
     26
     27To assign another role, choose the role from the drop-down list under "Assign Another Role", choose the realm for the assignment from the ''"For Entity"'' drop-down and then click "Add".
     28
     29The realm for each role assignment can be chosen from the ''"For Entity"'' list.
    2630
    2731[[Image(orgauth2.png)]]
    2832
    29 In this list there is also an entry for "All Entities" which means that this role assignment is ''not'' restricted to a realm, but applies site-side (=for all records regardless of their respective owner entity).
     33In this list there is also an entry for '''All Entities''' which means that this role assignment is ''not'' restricted to a realm, but applies ''site-wide'' (=for all records regardless of their respective owner entity).
    3034
    31 The entry "Default Realm" means all entities the user is (or will be) an organisation unit of at the time of the request authorization.
     35The entry '''Default Realm''' means all entities the user is (or will be) an organisation unit of at the time of the request authorization.
    3236
    3337  '''NOTE:''' The "Default Realm" setting can be dangerous and may be inappropriate for most multi-tenancy settings, because the user would automatically receive this role for any entity they will ever join in future - without that entity being anyhow in control of this. However, in certain deployments, this dynamic realm may still be convenient practice.