Feature #3508: As a security engineer, I would like to retrieve ldap groups and use that to select roles in foreman - Foreman

Custom queries

3.11.5 release DONE
3.11.5 release TODO
3.12.2 release DONE
3.12.2 release TODO
3.13.0 release DONE
3.13.0 release TODO
All bugs by votes
All issues closed in the last 3 weeks
Easy and Trivial Issues
Easy Issues (only)
Foreman - new open issues in last 10 days
Good first issues - Foreman core
high prio open bugs
Host registration [open]
Mine
My issues closed in the last 3 weeks
old bugs
Open with target version set (aka blockers)
registration
taken-none
Team Atlas untriaged bugs
templates
Trivial Issues
Untriaged and opened in the past two weeks

Actions

Copy link

Feature #3508

closed

As a security engineer, I would like to retrieve ldap groups and use that to select roles in foreman

Added by Anonymous about 11 years ago. Updated almost 11 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Category:

Users, Roles and Permissions

Target version:

Difficulty:

Triaged:

Bugzilla link:

Pull request:

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Related issues 1 (0 open — 1 closed)

Is duplicate of Foreman - Feature #812: cant assign roles to groups, just to users

Closed

Marek Hulán

03/31/2011

Actions

Issue # Delay: days Cancel

History
Notes
Property changes

Actions

Copy link

Updated by Dominic Cleal about 11 years ago

Is duplicate of Feature #812: cant assign roles to groups, just to users added

Actions

Copy link

Updated by Dominic Cleal about 11 years ago

Status changed from New to Need more information

Duplicates #812 and https://github.com/theforeman/foreman/pull/529.

Actions

Copy link

Updated by Bryan Kearney about 11 years ago

At the end of this story, and the end of Jan's work, I would expect the following scenarios to work

1) Authz and Authn are done by the foreman login screen. Passwwords are validated by an LDAP bind, and the roles are selected based on the groups returned from LDAP.

2) Authz and Authn are done by the apache plugin. Group names from the plugin are used to select the correct roles.

In order to support both use cases, it is acceptable for the Foreman user to have to map the intenral roles to group names.

Actions

Copy link

Updated by Marek Hulán almost 11 years ago

Status changed from Need more information to Closed

Applied in changeset acfbc45886c4d81a2a3ca5af433a6124a0a7191a.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Custom queries

Feature #3508

As a security engineer, I would like to retrieve ldap groups and use that to select roles in foreman

Updated by Dominic Cleal about 11 years ago

Updated by Dominic Cleal about 11 years ago

Updated by Bryan Kearney about 11 years ago

Updated by Marek Hulán almost 11 years ago