I am stuck up with security issues, and I am in a confusion state of what sort of security profile can be stored in ldap.
I have the following scenario.
In my application users can have particular rights in application as well as projects. The rights I am assigning are very specific
depending on the application. For Ex: For giving the access permissions for cvs user, the admin can assign him only check in
or checkout rights. In the same way for a bug tracking system an admin can specify which user can submit a bug and assign a
bug. So how do we represent this sort of information in ldap(is it like maintaining groups). Is it also possible that I can have groups
within groups, wherein the super group have some rights and the sub group has only a subset of rights of the super user.
can anyone please throw some light on these questions. Can I use database for representing the above scenario.
Any reply is greatly appreciated and I anticipate an early reply
Thanks & Regards.