Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

if grouper.hibernate properties grouper.is.ws.basicAuthn is set, or environment variable GROUPER_WS_GROUPER_AUTH is set, Basic authentication can be used to allow specific entities to log in. The password is set on the local entity using GSH and the GrouperPasswordSave() method. As with other subjects, either the subject id (the entity uuid) or the subject identifier (the entity full path) can be used to authenticate. Note that the identifier will have colons. This normally conflicts with Basic auth's username:password syntax. Grouper handles Basic auth in a non-standard way by splitting on the last colon of the username:password string instead of the first (grouper.properties grouper.authentication.splitBasicAuthOnFirstColon = false by default). You can also escape the colons (in either the username or password) by replacing with : (grouper.properties, grouper.authentication.basicAuthUnescapeColon is true by default).

...

Only entity privileges can be assigned


Web services

Note: all web service changes are also available in the Grouper client.

You can create a local entity (or edit, delete), with the GroupSave web service and add typeOfGroup.


Code Block
{
  "WsRestGroupSaveRequest":{
    "wsGroupToSaves":[
      {
        "wsGroup":{
          "description":"desc1",
          "displayExtension":"disp1",
          "name":"aStem:whateverGroup",
          "typeOfGroups":"entity"
        },
        "wsGroupLookup":{
          "groupName":"aStem:whateverGroup"
        }
        
      }
    ]
  }
}


You can also use the FindGroups web service to find entities:

Code Block
{
  "WsRestFindGroupsRequest":{
    "wsQueryFilter":{
      "typeOfGroups":"entity",
      "queryFilterType":"FIND_BY_GROUP_NAME_APPROXIMATE",
      "stemName":"aStem",
      "groupName":"aGr"
    }
  }
}


...