[gold-users] Gold role based ACL

Alessandro Federico alessandro.federico at caspur.it
Thu Nov 23 06:15:15 MST 2006


Hi Scott,

I'm starting to configure Gold'role to fit our needs.
First of all I would like to avoid normal users
('Anonymous') to query all gold's object.
By default the following roles (Action & Users)
are defined:

gold at cmslab:~> goldsh RoleAction Query Role==Anonymous
Role      Object   Name    Instance
--------- -------- ------- --------
Anonymous Password ANY     SELF
Anonymous ANY      Query   ANY
Anonymous Account  Balance ANY
gold at cmslab:~> goldsh RoleUser Query Role==Anonymous
Role      Name
--------- ----
Anonymous ANY

With these ACL everyone can query any gold object.
I want 'Anonymous' users to be able to query only
their account balance. More generally I would like
they can only query the objects their own objects.

I have tried to change the 'Instance' of the two
last RoleAction of 'Anonymous' to 'SELF' but it's
not working. How can I do it?

Best regards,
Ale

-- 
 Alessandro Federico
 CASPUR     http://www.caspur.it/
 e-mail:    alessandro.federico at caspur.it
 phone:     +39 06 44486708
 fax:       +39 06 4957083
------------------------------------------
 Military intelligence is a contradiction
 in terms.                 (Groucho Marx)
------------------------------------------


More information about the gold-users mailing list