Tristan Tarrant created ISPN-5790:
-------------------------------------
Summary: AuthorizationManager rework
Key: ISPN-5790
URL:
https://issues.jboss.org/browse/ISPN-5790
Project: Infinispan
Issue Type: Task
Reporter: Tristan Tarrant
Assignee: Tristan Tarrant
The AuthorizationManager has a few issues:
- it is using the deprecated ClusterRegistry: it should use an internal cache instead
- it stores per-cache subject ACLs globally, thus possibly returning incorrect ACL masks
for a specific subject/cache pair
Solve the above by introducing a GlobalSecurityManager which starts a global ACL cache and
only cache the subject role mapping and not the masks.
It would be useful if the AuthorizationManager also supported checking for a specific role
in addition to a permission
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)