[midPoint] Object selection by role membership in authorization
Jussi Jokela
jussi.jokela at fiarone.com
Fri Mar 11 13:51:57 CET 2022
Looks like I figured it out. I need to build filter instead of just using roleRef.
<filter>
<q:ref>
<q:path>c:roleMembershipRef</q:path>
<q:value>
<q:oid>dd96656a-9a33-407e-938b-0b525c634193</q:oid>
</q:value>
</q:ref>
</filter>
Br,
Jussi
________________________________
From: midPoint <midpoint-bounces at lists.evolveum.com> on behalf of Jussi Jokela via midPoint <midpoint at lists.evolveum.com>
Sent: Friday, March 11, 2022 11:10
To: MidPoint Mailing List <midpoint at lists.evolveum.com>
Cc: Jussi Jokela <jussi.jokela at fiarone.com>
Subject: [midPoint] Object selection by role membership in authorization
Hi everyone,
Is it possible to filter object selection in authorization by role membership? For example, just like you can filter objects by orgRef, I would like to filter object by roleRef, but roleRef has no definition? Also tried roleMembershipRef but same result.
<authorization>
<action>...</action>
<object>
<orgRef oid="1f82e908-0072-11e4-9532-001e8c717e5b"/>
</object>
</authorization>
Best regards,
Jussi Jokela
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20220311/df8a7880/attachment.htm>
More information about the midPoint
mailing list