Heiko Braun [
https://community.jboss.org/people/heiko.braun] commented on the document
"Access control notes"
To view all comments on this document, visit:
https://community.jboss.org/docs/DOC-48596#comment-11940
--------------------------------------------------
Reading through your examples again, I think this one shouldn't be supported:
do rights to the referrer grant rights to the referent
If you don't have the same rights on both ends (which is what the sentence implies) it
should be considered an illegal constraint and access to the the referent not be granted.
Eventually we shoud veen take it further and consider the role as illegal (unusable) when
it is associated with illegal secuty rules.
--------------------------------------------------