Crowd 2.1 : Managing Groups and Roles
This page last changed on Nov 30, 2010 by smaddox.
This page introduces you to groups and roles in Crowd. About Groups and RolesGroups and roles are known as permission container objects. Groups are particularly important in Crowd, as they are often used to control access to applications. Note also that the crowd-administrators group confers Crowd administration rights to its members. Roles are DeprecatedAs previously announced, roles are now deprecated in Crowd. We have not changed the functionality of roles in Crowd 2.1, but we do recommend that you move away from the use of roles in your Crowd installation so that you will not be adversely affected by the planned redesign of role functionality. Roles are disabled by default when you create a new LDAP directory. We recommend that you leave roles disabled, unless you have existing data that includes roles. At present, the implementation of roles in Crowd is identical to the implementation of groups. This design does not provide much useful functionality, so we are planning to redesign the way Crowd supports roles. If you would like to help us to design better role-based access control, please add a comment to the improvement request CWD-931, letting us know how you would like to see it work. Nested GroupsSome user directories allow you to define a group as a member of another group. Groups in such a structure are called 'nested groups'. In Crowd, you can map any group to an application, including a group which contains other groups. Crowd supports nested groups for LDAP directory connectors, Crowd internal directories, Delegated Authentication directories and custom directories. You can enable or disable support for nested groups on each directory individually. For more information, refer to the documentation on configuring a directory. For more details about nested groups, refer to Nested Groups in Crowd.About the Group Browser and the Role BrowserThe Group Browser and the Role Browser are very similar. They allow you to search, view, add and edit the various groups and roles stored within a specified directory. To use the Group Browser,
RELATED TOPICS
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() |
![]() |
Document generated by Confluence on Nov 30, 2010 23:53 |