On 18 Apr 2016, at 18:43, Thomas Segismont wrote:
If we don't check that the authenticated user can only access the data he is entitled to read, it's not good. It's protecting your web application with client side checks only.
In the use case where you only have one user, this probably does not matter too much.
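The point in the reply above, as an added illustration that is not part of the quoted e-mail or any project it discusses: the first handler relies on the client to request only its own ids (so the server has no check of its own), while the second decides from the authenticated identity and the stored owner. The record store, user names, `Forbidden` exception and handler names are all constructed for this example.

```python
"""Added example (not from the quoted e-mail): server-side ownership check for
per-user data. Records, user names and handler names are constructed."""
from dataclasses import dataclass
from typing import Dict, List


@dataclass(frozen=True)
class Record:
    record_id: int
    owner: str
    body: str


# Constructed sample data: two users, three records.
RECORDS: Dict[int, Record] = {
    1: Record(1, "alice", "alice's invoice"),
    2: Record(2, "bob", "bob's invoice"),
    3: Record(3, "alice", "alice's contract"),
}


class Forbidden(Exception):
    """Raised when the authenticated user may not read the requested record."""


def get_record_client_filtered(authenticated_user: str, record_id: int) -> Record:
    """'Client-side checks only' pattern: the server assumes the UI only ever
    asks for the caller's own ids. Any id sent straight to the endpoint is
    served, so on the server the authorization check is effectively absent."""
    return RECORDS[record_id]


def get_record_checked(authenticated_user: str, record_id: int) -> Record:
    """Server-side check: ownership is decided from the authenticated identity
    and the stored owner, never from anything the client supplies."""
    rec = RECORDS.get(record_id)
    if rec is None or rec.owner != authenticated_user:
        # One response for both 'missing' and 'not yours' so the endpoint does
        # not reveal which ids exist.
        raise Forbidden(f"user {authenticated_user!r} may not read record {record_id}")
    return rec


def list_records_checked(authenticated_user: str) -> List[int]:
    """Listing uses the same server-side rule, so the ids a client is shown
    and the ids it is allowed to fetch always agree."""
    return sorted(r.record_id for r in RECORDS.values() if r.owner == authenticated_user)


if __name__ == "__main__":
    print("unchecked, bob asks for alice's record:", get_record_client_filtered("bob", 1))
    print("checked, alice's own ids:", list_records_checked("alice"))
    try:
        get_record_checked("bob", 1)
    except Forbidden as exc:
        print("checked, bob asks for alice's record:", exc)
```

The same rule (`rec.owner != authenticated_user`) is applied on both the read and the list path; applying it on only one of them is how client-side filtering ends up being the sole protection.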