[midPoint] ScriptedSQL connector: multiple group types
Wojciech Staszewski
wojciech.staszewski at diagnostyka.pl
Mon Dec 19 20:25:49 CET 2016
Hello!
Jokes are over. My first scriptedSQL connector works like a charm (Zabbix account with group membership), so it is time for something more sophisticated.
I've got a system, where user's access rights are set by 3 different memberships.
First membership are database roles.
Second are application modules available for user.
Third type are "workplaces" (with time constraints).
These 3 memberships are independent, each user can have for example 3 roles, 12 enabled modules and 5 workplaces.
I thought that I can do multiple group types in SchemaScript and distinguish them by "intent".
But I can't do this. I can declare only 1 CustomGroupObjectClass...
Any advice? Thanks and regards,
WS :)
More information about the midPoint
mailing list