Versions Compared

Version Old Version 2 New Version 3
Changes made by

Pavel Břoušek (Deactivated)

Pavel Břoušek (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • urn:geant:muni.cz:group:MU#idm.ics.muni.cz - member of a VO called MU

  • urn:geant:cesnet.cz:group:einfra:group1#perun.cesnet.cz - member of a group called group1 in a VO called einfra

How to configure group entitlements

Note

The downside of this approach is that the value of the entitlement changes when the group is renamed or moved. This poses a risk of breaking access when using multipurpose groups. For a more stable solution, see resource capabilities below.

...

Group entitlements are configured in the Perun IDM. Groups need to be assigned to a resource on the corresponding facility, and ProxyIdP will start to release group entitlements automatically.

...