[midPoint] Hide GUI pages
Jaakko Leskinen
jaakko.leskinen at qvantel.com
Fri May 5 07:19:55 CEST 2017
Hi,
I guess I have something amiss here, I’m trying to hide (and disable) the end user GUI option for changing credentials / password. Little bit of background: we have LDAP authentication enabled and a separate password change service that is authoritative for all AD/LDAP password changes and policies.
Now, I created a custom role (forked the End User role) with the following authorization, which does not do quite what I would expect it to do:
<authorization id="1">
<name>gui-self-service-access</name>
<description>
Allow access to self-service operations in GUI.
</description>
<!-- <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfAll</action>-->
<action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfDashboard</action>
<action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfProfile</action>
<action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfRequestRole</action>
</authorization>
Assigning this role to a user (replacing the End User role) the GUI only has Dashboard and Profile without the Request a Role link/page visible. In the sidebar there is only Home and Profile links present (althought Dashboard has a big blue shield button for Credentials that I did not expect and clicking it does nothing).
What am I missing here?
Thanks!
--
Jaakko Leskinen
System Developer / Team Lead
Qvantel
Piippukatu 11
FI-40100 Jyväskylä, Finland
+358 44 977 3829
jaakko.leskinen at qvantel.com<mailto:jaakko.leskinen at qvantel.com>
www.qvantel.com<http://www.qvantel.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170505/c101d990/attachment.htm>
More information about the midPoint
mailing list