Hello Dominik,
I haven't done it myself, but I'd start here:
https://www.freeipa.org/page/Web_App_Authentication
Rafael
On Thu, Apr 16, 2020 at 5:11 AM Dominik Vogt via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote:
Hi folks,
on RHEL8.0, we've set up a small cluster with a FreeIPA server and two clients, one running a browser (Firefox) and the other running a web server (tomcat). (IdM is still configured with the defaults.)
Now, what is the proper way to tackle fine grained access control to the web service? We want to do something like the IdM server GUI, i.e. some users are authorized to use all the functions of the GUI, others are restricted to editing or viewing a limited set of pages, and others are locked out. So far I've looked into host based authentication, but that doen't seem to solve the task at hand. All access control should be done through Kerberos tickets.
A pointer to related documentation would also help.
Ciao
Dominik ^_^ ^_^
--
Dominik Vogt
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...