Here is what I want to do:
When an employee login in from office, she gets roles R1, R2. But when the same employee logs in from home, she needs to get R1 only. Does anybody have any clue on how to make this work?
Both internal users and external users come in to the same portal, and the user store is also a common LDAP. Of course, we have a web server in the DMZ for external access. We do have Siteminder, Active directory in the DMZ. The siteminder can look up in the AD, determine that the access method is external and pass the portal anything we want the portal to know. But how does the portal determine the access method is external and assign different roles to it?
Any help is highly appreciated.