My requirement is the claims assigned to a user are company aware so say for example User 1: is publisher for Product Manager for Company 1 but the same user is only editor for Company B. Can this be achieved through Geneva Server, or additional code needs to be written to override classes.
-
In my opinion it's the relying party itself should be making decisions on what roles to attach to a token based upon the identity itself.
However you can set rules based on individual relying parties and choose to serve information as a claim based on whatever the backing store says. Now how you represent that information in whatever backing store you are using (AD, LDAP, SQL, whatever) is a design decision at your end. You may also want to look at harnessing the claims transformation language in beta 2.
It's really hard to give any specific advice without knowing details about where your claim backing store is going to be and why you think you need to go this route.
chugh97 : I am planning to use SQL Server as backing storeblowdart : You realise that Geneva Server must authenticate against an Active Directory. At the minimum your users must be in an AD to use Geneva ServerMiau : Are you sure about that? I didnt think it had a dependency on ADFSblowdart : Server does yes - or rather ADFS as it's been branded.From blowdart
0 comments:
Post a Comment