Fórumok
Permissions system is driving me nuts
Boden Larson, módosítva 15 év-val korábban
Permissions system is driving me nuts
Regular Member Bejegyzések: 200 Csatlakozás dátuma: 2008.07.10. Legújabb bejegyzések
What I want to do is manage the users of my network in one place: LDAP. I'm using Liferay 5.2.1 and have it configured to import users and groups. When I add a new user to my system, I do not want to have to also set them up in Liferay.
So if I have a Human Resources group in LDAP, I want the users of that group to automagically have access to Human Resources "stuff" in Liferay. When I remove a user from Human Resources in LDAP, I want that person to automagically lose access to Human Resources stuff in Liferay.
I've tried all sorts of combinations of organizations and communites and whatnot in Liferay but am getting nowhere fast because user groups in liferay can only be associated with regular roles.
What I've boiled everything down to is creating a regular role for every group on my network, and then using page and/or portlet-specific permissions and the new scoping feature to create multiple document libraries, etc. So basically I just end up with one community for the entire company and then I just have pages for each department or group within the company. This is less than ideal.
Should I give up on this idea and just manage my users in Liferay and LDAP separately?
So if I have a Human Resources group in LDAP, I want the users of that group to automagically have access to Human Resources "stuff" in Liferay. When I remove a user from Human Resources in LDAP, I want that person to automagically lose access to Human Resources stuff in Liferay.
I've tried all sorts of combinations of organizations and communites and whatnot in Liferay but am getting nowhere fast because user groups in liferay can only be associated with regular roles.
What I've boiled everything down to is creating a regular role for every group on my network, and then using page and/or portlet-specific permissions and the new scoping feature to create multiple document libraries, etc. So basically I just end up with one community for the entire company and then I just have pages for each department or group within the company. This is less than ideal.
Should I give up on this idea and just manage my users in Liferay and LDAP separately?
Tim Carr, módosítva 15 év-val korábban
RE: Permissions system is driving me nuts
Junior Member Bejegyzések: 51 Csatlakozás dátuma: 2009.02.01. Legújabb bejegyzések
Great scenario description. That's exactly what I'm trying to do and one of the frustrations I'm running into...as well as I've got multiple exceptions being thrown every time the ldap import occurs. And since I'm running on Windows, I don't have a way to grab stdout to even see what the error is. I'm trying to get a linux system going now just to grab that info...