DoIT Shared Tools - Wiki - Auto-defined Groups

Some groups of users in the DoIT Wiki and JIRA are maintained automatically for you. Space Admins in particular should understand these groups and use them appropriately to authorize access to their space. These groups and some use cases are documented here.

Auto-defined Groups

udds

At login, each user is checked for the SHIB attirbute eduWisconsinUDDS (which contains the user's UDDS). If present the, 4 groups are created for the given user. In the table below the example values shown would be for a user with eduWisconsinUDDS=a067130.

GroupExampleDescription
udds 1-digitudds-aA group starting with udds- and containg the first digit of the UDDS value
udds 3-digitudds-a06A group starting with udds- and containing the first 3 digits of the UDDS value
udds 5-digitudds-a0671A group starting with udds- and containing the first 5 digits of the UDDS value
udds 7-digitudds-a067130A group staring with udds- and containing the full 7 digit UDDS value

confluence-users & jira-users

Depending on which tool we're talking about Confluence or Jira, the confluence-users or jira-users groups contain every active account that belongs to a person. This group potentially includes any person with a UW-Madison NetId as these users can self-enroll to use the respective tool (Confluence or Jira). Also, with Confluence, Space Admins can request that non-UW-Madison persons be given an account. This group is populated when user accounts are created.

anonymous

Anonymous is not strictly a group. It represents all users who have not authenticated to the wiki. We know nothing about an anonymous user's identity. Under no circumstances should anonymous users be granted write access to the DoIT Wiki.

Use Cases

Remember, permissions are set at the space level. They can be further limited for portion of the space's tree of pages. They can not be expanded on a per page basis.

Campus comment (Authenticated comment)

Space admin grants Create Page access to the space to a specific set of users that maintain the space content. View access and Create comment access is granted to confluence-users. This allows all campus users to view the space content and add comments to pages in the space, but not change the wiki content. Note with Wiki Self-Enrollment, if a campus user is specifically directed to a non-anonymous page an account will be created for them in the Wiki when they access the page. But until they have an account, if they search for content they will not see non-anonymous content.




Keywords:udds shib   Doc ID:16001
Owner:Teresa A.Group:Shared Tools
Created:2010-12-02 19:00 CDTUpdated:2017-08-31 12:48 CDT
Sites:Shared Tools
Feedback:  0   0