Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

 aarc-whiteaarc-yellowaarc-blueaarc-social
white-normaluser   
white-superadmin   
yellow-normal user  
yellow-super admin  
blue-normal  user 
blue-super  admin 
social-normal   user
social-super   admin

 

Example Here an example of the SAML assertion containing attributes attribute provided by COmanage :

...

and that we are using for mapping the user:

'entitlement': 'urn:mace:aarc-project.eu:am03.pilots.aarc-project.eu:members:member@aarc-white.pilots.aarc-project.eu;urn:mace:aarc-project.eu:am03.pilots.aarc-project.eu:admin:member@aarc-white.pilots.aarc-project.eu'

Since in the entitlement it is present the value "urn:mace:aarc-project.eu:am03.pilots.aarc-project.eu:admin:member@aarc-white.pilots.aarc-project.eu", the user that has got the admin role in the CO aarc-white.pilots.aarc-project.eu is mapped to the white-super group with the admin role in OpenStack