View Issue Details

IDProjectCategoryView StatusLast Update
0000778SOGoBackend Generalpublic2011-02-03 08:22
Reporterdani Assigned To 
PrioritynormalSeverityminorReproducibilityN/A
Status newResolutionopen 
Product Version1.3.1 
Summary0000778: Constraints based on group membership
Description

For now, we can limit access to sogo, or to some modules with constraints and filter (both are based on LDAP filters).

One common need is to restrict access based on group membership. The problem is that in some situation, it's not possible to use LDAP filters. For example, when using posixAccount for users and posixGroup for groups, there's no information of the group memebership at the user level (no memberOf). In this case, it's up to the application to lookup each autorised groups, and to check if the user is a member.

It'd be great if SOGo has something like this

In order to be flexible, we should be able to define which attribute of the group object contains members (member, memberUid, uniqueMember etc...), and if the members are stored as full DN, or simple uid.

Regards, Daniel

TagsNo tags attached.

Activities

alessio

alessio

2011-02-03 08:22

reporter   ~0002077

Should be possibile define which module a group can access. Now is the opposite, if you set a module for a group, only this group can access module

Issue History

Date Modified Username Field Change
2010-08-26 09:53 dani New Issue
2011-02-03 08:22 alessio Note Added: 0002077