[eduVPN-deploy] ACL - permission
François Kooman
fkooman at tuxed.net
Tue Apr 7 11:32:08 CEST 2020
On 4/7/20 11:20 AM, Vincent Perrot wrote:
> Hi,
Hi Vincent!
> 'permissionAttributeList' => ['eduPersonAffiliation', 'memberOf'],
That doesn't work. The current code is in the "v2" branch.
> My goal is to limit access to a user population except for admins.
The LDAP backend does not support permissionAttribute with multiple
values (yet). I could implement this for the next release of
vpn-user-portal if you want. The value could then be a string or an array.
> 'accessPermissionList' => ['student'],
> 'adminPermissionList' => ['cn=admins_vpn,ou=groups,dc=myorga'],
Assuming the multiple permissions things works, you would also have to
give the admins access, otherwise it doesn't work... They can't login to
the portal than!
> /etc/vpn-server-api/config.php
> 'enableAcl' => true,
> 'aclPermissionList' => ['student'],
Only students can access the VPN, yes, that works.
Regards,
François
More information about the eduVPN-deploy
mailing list