View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0000778||SOGo||Backend General||public||2010-08-26 05:53||2011-02-03 03:22|
|Target Version||Fixed in Version|
|Summary||0000778: Constraints based on group membership|
|Description||For now, we can limit access to sogo, or to some modules with constraints and filter (both are based on LDAP filters).|
One common need is to restrict access based on group membership. The problem is that in some situation, it's not possible to use LDAP filters. For example, when using posixAccount for users and posixGroup for groups, there's no information of the group memebership at the user level (no memberOf). In this case, it's up to the application to lookup each autorised groups, and to check if the user is a member.
It'd be great if SOGo has something like this
In order to be flexible, we should be able to define which attribute of the group object contains members (member, memberUid, uniqueMember etc...), and if the members are stored as full DN, or simple uid.
|Tags||No tags attached.|