[teiid-commits] teiid SVN: r2495 - branches/7.1.x/documentation/reference/src/main/docbook/en-US/content.
teiid-commits at lists.jboss.org
teiid-commits at lists.jboss.org
Thu Aug 26 15:18:30 EDT 2010
Author: shawkins
Date: 2010-08-26 15:18:29 -0400 (Thu, 26 Aug 2010)
New Revision: 2495
Modified:
branches/7.1.x/documentation/reference/src/main/docbook/en-US/content/dataroles.xml
Log:
TEIID-1220 changing data role checking to be enabled by default, but to only check against vdbs with data roles
Modified: branches/7.1.x/documentation/reference/src/main/docbook/en-US/content/dataroles.xml
===================================================================
--- branches/7.1.x/documentation/reference/src/main/docbook/en-US/content/dataroles.xml 2010-08-26 18:24:46 UTC (rev 2494)
+++ branches/7.1.x/documentation/reference/src/main/docbook/en-US/content/dataroles.xml 2010-08-26 19:18:29 UTC (rev 2495)
@@ -6,14 +6,13 @@
<chapter id="dataroles">
<title>Data Roles</title>
<para>Data roles, also called entitlements, are sets of permissions that are defined
- per VDB that dictate data access (create, read, update, delete). The use of data roles is controlled system wide with the property in
- <code><jboss-install>/server/<profile>/deploy/teiid/teiid-jboss-beans.xml</code> file
- in bean configuration section of <code>RuntimeEngineDeployer</code> with property <code>useDataRoles</code>.</para>
+ per VDB that dictate data access (create, read, update, delete). The use of data roles can be disabled system wide with the property in
+ &jboss-beans; file in bean configuration section of <code>RuntimeEngineDeployer</code> with property <code>useDataRoles</code>.</para>
- <para>Once data roles are enabled, the access permissions defined in a VDB will be enforced by the Teiid Server.
- </para>
+ <para>If data roles is enabled and data roles are defined in a VDB, then access permissions will be enforced by the Teiid Server.</para>
- <warning><para>Teiid uses a deny by default permission system, so all VDBs deployed to the server will need roles granting access with this feature enabled.</para></warning>
+ <warning><para>Unlike previous versions of Teiid data roles will only be checked if present in a VDB.
+ A VDB deployed without data roles is open for use by any authenticated user.</para></warning>
<section>
<title>Permissions</title>
More information about the teiid-commits
mailing list