Note |
---|
I have updated the The examples in this page to reflect changes needed certain approaches required by IdP V5. They are not fully entirely compatible with earlier versions, though the differences are fairly minor relative the point of the example. |
Overview
This is a companion example to the more more general Grouper Integration Example. It demonstrates an approach to leveraging the IdP’s impersonation feature, while using a particular design pattern in Grouper to model and manage the authorization decisions that are required by that feature. It is not by any means the only way to manage impersonation, nor the only way to use Grouper to do that, as the feature is extremely generic and merely requires that a pair of access control policies exist to supply answers to the basic questions “can this user impersonate anybody to this service?” and “can this user impersonate this subject to this service?”.
...