Hi Bob,
Don't agree, I don't think LDAP gives something special, though it
is there, we can activate it. Its useful when lazy guy does not want
to login again, because he already logged into his windows machine
and mostly have no time for this. In this case he can tick "remember
me" once, actually new functionality on security, and every next
time from that machine he will be authenticated automatically.
murod
From: Bob Jolliffe <bobjolliffe@xxxxxxxxx>
To: Knut Staring <knutst@xxxxxxxxx>
Cc: Murodullo Latifov <murodlatifov@xxxxxxxxx>; Sundeep Sahay <sundeep.sahay@xxxxxxxxx
>; Jørn Braa <jornbraa@xxxxxxxxx>; DHIS 2 developers <dhis2-devs@xxxxxxxxxxxxxxxxxxx
>
Sent: Friday, August 14, 2009 2:36:53 PM
Subject: Re: [Dhis2-devs] DHIS2 - Struts2 - Spring Security2
2009/8/14 Knut Staring <knutst@xxxxxxxxx>
Delighted to see progress on this.
One thing that I've encountered (and which should become a
blueprint), is that you would like to automatically generate users
who only have access to subtrees (at a certain level).
The concrete example is that you have all the countries in the world
(grouped into regions), and would like to have a user for each
country who should not have access to data for any other contry.
With 200 countries, you don't want to do this manually...
I think if you have 200 users it is maybe a good use case for using
something like ldap to manage them. For example you guys at WHO are
probably all already maintained in an ActiveDirectory server for
login to the network etc. Would be nice to be able to use the same
usernames and passwords in dhis. I gather with the spring security
2 this would be quite easy to do.
Good to see progress on this.
Cheers
Bob
Knut
On Fri, Aug 14, 2009 at 10:51 AM, Murodullo Latifov <murodlatifov@xxxxxxxxx
> wrote:
Hi people,
This is to announce alpha release of DHIS2 + Struts2 (s2) + Spring
Security2 (ss2) integration. As s2 and ss2 are major and system wide
change, they need intensive testing. Code is available at URL: https://code.launchpad.net/
~dhis2-devs/dhis2/d2s2ss2 . S2 is most resent upgrade for webwork
and ss2 is for acegy security, especially ss2 is used as is, without
customization, each URL can have its own security credentials. From
this standpoint we are free to define ROLES and set of roles (most
common use cases into one role). All security concerns are now in
one single XML file and easy to understand and exists independent of
other frameworks in DHIS2. We can also use method level security, if
method namings are appropriate using AOP. Please share your
experiences, type of user roles you have, so we can adjust system to
host that functionality.
regards,
murod
_______________________________________________
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@xxxxxxxxxxxxxxxxxxx
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp
--
Cheers,
Knut Staring
_______________________________________________
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@xxxxxxxxxxxxxxxxxxx
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp
_______________________________________________
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@xxxxxxxxxxxxxxxxxxx
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp
