...
Element Name | uhReleasedGrouping | ||||||||
Description | This has all the released groupings that a person belongs to. Each such grouping represents an application or function for which all of the grouping's members have been authorized. UH Groupings can be used as a central authorization management resource, and this attribute makes it even easier. You typically create a grouping to contain people authorized to do something in your application, then release that grouping by choosing uhReleasedGrouping as a sync destination. Your application can then check whether the grouping is in this attribute when it is returned by CAS/LDAP. This makes authorization implementation extremely simple. There is no need to write or maintain your own authorization code or to host your own authorization data. As an added convenience, ITS also populates this attribute with many general-purpose values (this page is restricted to the UH community).
| ||||||||
UH Data Classification | Restricted per Executive Policy 2.214 | ||||||||
LDAP Attribute Info |
| ||||||||
Required Format for Storage | string(256), format: {a..z}{A..Z}{0..9}{:-._+=*} | ||||||||
Example Stored Data(2) | manoa-campus-arboretum-club There are three types of data values that can go into uhReleasedGrouping:
Note that there is no namespace collision between the three types of values. Obfuscated groupings always begin with obf: and curated groupings will always begin with hawaii.edu:store. Regular groupings are guaranteed to never have a colon, so there is no collision. | ||||||||
Systems of Record | N/A because the data comes from UH Groupings. A grouping could be entirely ad hoc, meaning there was no system of record involved, or a grouping's basis could be built using the UH Group Store, which has groups from all systems of record. | ||||||||
Notes |
|
...