Changes between Version 27 and Version 28 of S3/S3AAA/OrgAuth
- 09/04/12 10:21:05 (10 years ago)
v27 v28 23 23 [[Image(orgauth1.png)]] 24 24 25 The realm for each role assignment can be chosen from the "''for Entity''" list. 25 To remove role assignments, tick the respective checkboxes under "Currently Assigned Roles" and then click "Remove. 26 27 To assign another role, choose the role from the drop-down list under "Assign Another Role", choose the realm for the assignment from the ''"For Entity"'' drop-down and then click "Add". 28 29 The realm for each role assignment can be chosen from the ''"For Entity"'' list. 26 30 27 31 [[Image(orgauth2.png)]] 28 32 29 In this list there is also an entry for "All Entities" which means that this role assignment is ''not'' restricted to a realm, but applies site-side(=for all records regardless of their respective owner entity). 33 In this list there is also an entry for (=for all records regardless of their respective owner entity). 30 34 31 The entry "Default Realm"means all entities the user is (or will be) an organisation unit of at the time of the request authorization. 35 The entry means all entities the user is (or will be) an organisation unit of at the time of the request authorization. 32 36 33 37 '''NOTE:''' The "Default Realm" setting can be dangerous and may be inappropriate for most multi-tenancy settings, because the user would automatically receive this role for any entity they will ever join in future - without that entity being anyhow in control of this. However, in certain deployments, this dynamic realm may still be convenient practice.