Hi All.

I have an issue with revoking roles and resources.

I have entitlements that query the application for values. Then I have
a resource that uses those values. I have then created roles for each
value that is relevant for the end user. IE:
- Role 1 - Resource (AD-Resource) with value (IT) - Entitlement with
value (IT)
- Role 2 - Resource (AD-Resource) with value (Administration) -
Entitlement with value (Administration)
- Role 3 - Resource (AD-Resource) with value (Health Care) -
Entitlement with value (Healt Care)

Assigning roles works fine, but if I revoke any of the roles above, all
resources are removed from the user. Revoking roles seems not to care
about that the Resource is value-based.

How do I get the role revokation to only remove that instance of
resource that has these values? Is it a bug?

Best Regards

marcus_jonsson's Profile: http://forums.novell.com/member.php?userid=15518
View this thread: http://forums.novell.com/showthread.php?t=454463