Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

SU Tool Setup - UCD Implementation

Jon Gorrono coded an UCD implementation of SU tool for non-administration users to satisfy Jira SAK-131: Add Role based SU security which originated from the need of IT Express support personnel to SU as UC Davis faculty for problem resolution and support. The tool was added to Smartsite v2.3.x.

The test plan, at https://confluence.ucdavis.edu/confluence/display/UCDSAKAI/SU+Tool+-+Test+Plan, covers many of the specifications of the tool's functionality. When the code was ported for the upgrade to Sakai 2.4, we discovered the need for further documentation on how to set up the SU tool on a vanilla system.

Setup Instructions

After the UCD code is in place, follow these steps to add SU access and to provide users with that access:

  1. Access Realms and select New Realm. Enter and save the following settings:
    • Realm Id: !su.can_su_realm
    • Provider Id: null - leave blank
    • Maintain Role: maintain
  2. Select the newly created realm and then select Add Role. Enter a name and short description which will make sense to others.
    Set Should this role be limited to the group provider only? to No and check su.can_su as the function, and save.
  3. Select Grant Ability. Enter a user's Kerberos name in User Id and select the role that you created in the last step.

Provide each user with access to the Become User function:

  • No labels