[Freeipa-users] Restrict WebUI access
dev at mdfive.dz
dev at mdfive.dz
Thu Apr 14 11:57:52 UTC 2016
Hi,
By default, a simple user which authenticate on WebUI has access to his
profile info page and can list all users and access to their infos (read
only).
I want to limit a simple user to his profile info page only (where he
can change its own password) and disable access to users list and their
info.
Best regards.
On 2016-04-14 10:22, dev at mdfive.dz wrote:
> Hi,
>
> Yes, I want to restrict simple authenticated users on the WebUI from
> seeying the list of all users.
>
> Is it configurable with the role based access control?
>
> Best regards.
>
> On 2016-04-13 13:04, Petr Vobornik wrote:
>> On 04/13/2016 11:30 AM, dev at mdfive.dz wrote:
>>> Hi,
>>>
>>> I want to restrict FreeIP WebUI access to a limited users only. How
>>> can
>>> I proceed.
>>>
>>> Thanks in advance,
>>> Regards
>>> --
>>> Omar AKHAM
>>>
>>
>> What do you mean by restrict access to Web UI?
>>
>> Prevent certain group of users to log in? This is not possible to
>> configure atm. It is possible to develop a Web UI plugin that does it
>> but it is not straightforward. Either-way it won't prevent users from
>> using FreeIPA API or CLI to get the information if it is not
>> restricted
>> via RBAC.
>>
>> Limit what user can see/search for? This is possible to configure via
>> Role-based access control (RBAC)[1].
>>
>>
>> [1]
>> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/defining-roles.html
More information about the Freeipa-users
mailing list