CAS/SAML/LDAP releases the below attributes and values to client application to specify the user's relationship(s) to HKUST. Note that these attributes allow multiple values. Say for example, if someone is a postgraduate student and alumni, they will get three values of eduPersonAffiliation: student, member, and alum, and three values of voPersonAffiliation: Student, Postgraduate and Alumni. The eduPersonAffiliation value member refers to any active user regardless of the relationship to HKUST.
eduPersonAffiliation
faculty, student, staff, alum, member
voPersonAffiliation
|
Attributes |
Description |
|
Staff |
HKUST Clear Water Bay and Guangzhou Staff |
|
GZ Staff |
HKUST Guangzhou Staff |
| GZ Student | HKUST Guangzhou Student |
| GZ Project | HKUST Guangzhou Project |
|
Subsidiary |
Wholly-owned subsidiary units of HKUST, e.g. RDCHK, InnoHK |
|
Faculty |
Faculty members including: Tenured faculty Teaching faculty Research faculty Visiting and Adjunct faculty Adjunct faculty carrying Honorary title |
|
Teaching Staff |
Instructor/Teaching Support Staff |
|
Emeritus |
Retired professor carrying Honorary title |
|
Student |
Student who has active degree and non-degree program |
|
Undergraduate |
Student who has active UG and non-degree UG program |
|
Postgraduate |
Student who has active PG and non-degree PG program |
|
Taught Postgraduate |
Student who has active Taught Postgraduate and non-degree Taught Postgraduate program |
|
Research Postgraduate
|
Student who has active Research Postgraduate and non-degree Research Postgraduate program |
|
Executive Postgraduate |
Student who has active Executive Postgraduate program |
|
Alumni |
Student who has program completion |
Popular access control scenario
The below table shows popular use cases to use attribites eduPersonAffiliation and voPersonAffiliation for access control in an application. You can build filters based on these attributes and/or other attributes for complex access control requirement.
| Conditions | Attribute filters |
|
All users excluding alumni |
eduPersonAffiliation=member |
| Students only |
eduPersonAffiliation=student, or voPersonAffiliation=Student |
| Staff only |
eduPersonAffiliation=staff, or voPersonAffiliation=Staff |
|
Undergraduate |
voPersonAffiliation=Undergraduate |
|
Postgraduate |
voPersonAffiliation=Postgraduate |
| Subsidiary staff only (wholly-owned subsidiary units of HKUST, e.g. RDCHK) | voPersonAffiliation=Subsidiary |