...
aarc-white | aarc-yellow | aarc-blue | aarc-social | |
---|---|---|---|---|
white-normal | user | |||
white-super | admin | |||
yellow-normal | user | |||
yellow-super | admin | |||
blue-normal | user | |||
blue-super | admin | |||
social-normal | user | |||
social-super | admin |
Here an example of the SAML assertion attribute provided by COmanage and that we are using for mapping the user:
'entitlement': 'urn:mace:aarc-project.eu:am03.pilots.aarc-project.eu:members:member@aarc-white.pilots.aarc-project.eu;urn:mace:aarc-project.eu:am03.pilots.aarc-project.eu:admin:member@aarc-white.pilots.aarc-project.eu' |
---|
Since in the entitlement it is present the value "urn:mace:aarc-project.eu:am03.pilots.aarc-project.eu:admin:member@aarc-white.pilots.aarc-project.eu", the user that has got the admin role in the CO aarc-white.pilots.aarc-project.eu is mapped to the white-super group with the admin role in OpenStack
...