Example Web PEP
Web Policy Enforcement Point
Use case example
We want to define a policy to restrict access to some pages of the Soffid console.
The users who are assigned to the SOFFID_RRHH role (from this point forward: end-users) will have limitations to access to some Soffid console pages:
- The end-users who belong to the "enterprise" group as primary group, could not access to the groups page.
- The end-users could not access to role page.
- En other cases permit access.
First of all, we define a policy set.
Then, we can define a policy to manage the access. We need to define the subject, in that case users with SOFFID_RRHH role assigned.
Also, we can define a variable that contains the group name to establish the restrictions.
The end-users who belong to the "enterprise" group as primary group, could not access to the groups page.
The end-users could not access to role page.
En other cases permit access.
You can download a XML file with the example: policy-TestWebPEP.xml