How can you have users authenticate on a web site with different permissions. I would like to have administrator, superuser, collaborators and normal users. In particular, I would like to restrict access to normal users, and only allow the others. Moreover superusers and administrators should allow/revoke access to collaborators. I mean, not everyone should be able to login, but only the people designated by the administrator and by superusers. Does it make sense to use openId for this? And if yes, how shall I go about doing this? How can the admin grant access to a superuser before he logs in for the first time? Thanks
Asked
Active
Viewed 73 times
1 Answers
0
OpenID is an Authentication system.
You're asking about integrating OpenID into an Authorization system.
The details about how you pre-grant an OpenID a level of authorization depends on how OpenID security principles are represented in the authorization framework. If they're predictable, then you can pre-grant. If they're not, you have some more work to do in the application.
sysadmin1138
- 133,124
- 18
- 176
- 300
-
Yes, about the integration, but are there some example? As far as pre-granting, it is still an open question. It should work based on invitation, where the person that makes invitation grants the invitee. Well, that will make it pre-granted. – azzurroverde Apr 21 '13 at 12:46
-
@AnnaZacchi I'm afraid that's above where I usually work. The only places I've seen openID used are in web-application, and that layer is usually handled by StackOverflow. – sysadmin1138 Apr 21 '13 at 15:15