Make cache authorization roles declaration implicit --------------------------------------------------- Key: ISPN-11763 URL: https://issues.redhat.com/browse/ISPN-11763 Project: Infinispan Issue Type: Enhancement Components: Security Affects Versions: 11.0.0.Dev05 Reporter: Tristan Tarrant Assignee: Tristan Tarrant Priority: Major Fix For: 11.0.0.CR1 Specifying cache authorization roles is a chore because a user must declare which global roles apply to each individual cache. By making the cache roles implicit, we can apply all roles declared in the global config to caches automatically: {code:xml} <cache-container> <security> <authorization> <identity-role-mapper/> <role name="AdminRole" permissions="ALL"/> <role name="ReaderRole" permissions="READ"/> <role name="WriterRole" permissions="WRITE"/> <role name="SupervisorRole" permissions="READ WRITE EXEC BULK_READ"/> </authorization> </security> <distributed-cache name="secure-implicit"> <security><authorization/></security> </distributed-cache> <distributed-cache name="secure-explicit"> <security><authorization roles="AdminRole ReaderRole WriterRole SupervisorRole"/></security> </distributed-cache> </cache-container> {code}