How one can configure PicketLink (LDAP) to create some baisc many-to-many relationship?
User 0<-->* Role 0<-->* Permission
So User can have multiple Role and Role can have multiple permissions.
In PicketLink I can create some Role and add there some users(even custom classes):
But how can I add some Permission to the same Role or another way to create this many to many realtionship in LDAP\PicketLink?
So my Role will looks like this or similar:
I found some information:
"The LDAP configuration supports the mapping of simple hierarchies (parent/child) of a single type."
Is it so that LDAP can't do this?
I also tryed to create some custom membership class for some custom mapping:
.attribute("name", CN, true)
//configure which identity type is the owner of a relationship
But at run time I got some error and couldn't add this to my relationshipmanager.
Have anyone seen good example of doing some many to many relationship in LDAP/PicketLink?
Or may be have some solution to similar problem?