[teiid-issues] [JBoss JIRA] (TEIID-3790) Restrict any authenticated roles
Steven Hawkins (JIRA)
issues at jboss.org
Wed Oct 28 16:00:00 EDT 2015
[ https://issues.jboss.org/browse/TEIID-3790?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Steven Hawkins resolved TEIID-3790.
-----------------------------------
Resolution: Done
Removed role assignment for unauthenticated sessions.
> Restrict any authenticated roles
> --------------------------------
>
> Key: TEIID-3790
> URL: https://issues.jboss.org/browse/TEIID-3790
> Project: Teiid
> Issue Type: Bug
> Components: Query Engine
> Reporter: Steven Hawkins
> Assignee: Steven Hawkins
> Fix For: 9.0, 8.12.x
>
>
> A local connection with the pass-through flag set will allow any connection if no security domain is set (the 8.x default). Beyond that the role assignment logic will any authenticated roles to those users. We need to restrict any-authenticated roles to only properly authenticated users.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the teiid-issues
mailing list