]
Gustavo Fernandes reassigned ISPN-9704:
---------------------------------------
Assignee: (was: Gustavo Fernandes)
REST fine grained security support
----------------------------------
Key: ISPN-9704
URL:
https://issues.jboss.org/browse/ISPN-9704
Project: Infinispan
Issue Type: Feature Request
Reporter: Gustavo Fernandes
Priority: Major
Currently the REST server requires authentication but does not offer authorization
capabilities. The new REST API described in ISPN-8535 requires that invocations on
resources can be restricted on a per user/role basis.
Examples:
/GET on /rest/v2/{cacheName} should be allowed for all authenticated users
/POST on /rest/v2/{cacheName} should be restricted to users having the ADMIN role