Hi folks,
on RHEL8.0, we've set up a small cluster with a FreeIPA server and
two clients, one running a browser (Firefox) and the other running
a web server (tomcat). (IdM is still configured with the
defaults.)
Now, what is the proper way to tackle fine grained access control
to the web service? We want to do something like the IdM server
GUI, i.e. some users are authorized to use all the functions of
the GUI, others are restricted to editing or viewing a limited set
of pages, and others are locked out. So far I've looked into host
based authentication, but that doen't seem to solve the task at
hand. All access control should be done through Kerberos tickets.
A pointer to related documentation would also help.
Ciao
Dominik ^_^ ^_^
--
Dominik Vogt