I'm using Policy Server 7.2 with JBoss and MySQL on Win2K3 and have configured JBoss to use SSL. I have some requirements to Add users and groups in real time but APS doesn't support this kind of system, i.e., it uses synchronization.
So I try to find out the DB schema about the users and groups.
The big problem is that I can't change the group member by editing the table [edc.edcprincipalgroupcontainmententity]. I changed the field [principalchildid] of table. eg. I changed the [principalchildid] of user0 to user1. But the result is that both user0 and user1 can read the PDF file!
Should I edit another tables or files if I want the user0 not to read the PDF file?
PS: the PDF file uses the policy with the entry of group.
Any ideas?