[Deploying Sakai] Sakai .auth and .anon Roles
kurosch.petzold at fu-berlin.de
Sun May 18 07:46:08 PDT 2014
sorry for the spam but I got another question could someone please explain
what the special roles .anon and .auth are used for. I found the following
definitions at edia (http://sakai.edia.nl/?p=868):
The .anon role is the internal role for all not logged in users.
The .auth role is the internal role for all logged in users who are
not a member of the site.
But what does that really mean?
> thanks for your reply. That link was really helpful, though I knew most of
> it already.
> Please bear with me as there are some stupid understanding issues
> So my questions are:
>  First of all there are four models of RBAC in general (Core, Hierarchy,
> Constraint and Consolidate). Sakais model uses something similar to the
> core model right?
>  RBAC96 hierarchy model (I mean hierarchy part) may be simulated to some
> extend with syncs between !site.template.course with course sites (updates
> can be inherited through sync) or through the !site.helper realm
>  Is it possible to have admin roles with different permissions? Have an
> admin without "become user" capability or limited permissions in something
> like worksite setup -> can only create project sites or site and realm
> browser with view only functionality? if not is it planned?
>  Could you elaborate on the groups part? What are they used for, can the
> group.* realms override permissions from site.* realms?
>  Just out of curiosity who developed that model?
> Kurosch Petzold
>> It is custom. Steve wrote up a good page here:
>> Sites have realms; realms contain roles; roles contain permissions.
>> Sites also contain groups; groups have their own realm; realms contain
>> roles; roles contain permissions.
>> What specific questions do you have about Sakai's role-based access
>> On Tue, May 13, 2014 at 12:55 PM, Kurosch Petzold <
>> kurosch.petzold at fu-berlin.de> wrote:
>>> is there any detailed documentation available for the role system used
>>> Sakai. I know it is Role-Based Access Control (RBAC) but there is
>>> any information about any specifics how it is implemented or whether it
>>> uses RBAC96, NIST model, another model or a custom model.
>>> I would really appreciate any help as I need to document how the
>>> role system works for my thesis and it would help us expand our IT
>>> proceedings documentation.
>>> Best regards,
>>> production mailing list
>>> production at collab.sakaiproject.org
>>> TO UNSUBSCRIBE: send email to
>>> production-unsubscribe at collab.sakaiproject.org with a subject of
>> sakai-dev mailing list
>> sakai-dev at collab.sakaiproject.org
>> TO UNSUBSCRIBE: send email to
>> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
Mit freundlichen Grüßen
More information about the production