[JBoss JIRA] Created: (SECURITY-318) AuthorizationManager needs a method to check if an identity has the required permissions to access a resource.
4:38 p.m.
AuthorizationManager needs a method to check if an identity has the required permissions
to access a resource.
--------------------------------------------------------------------------------------------------------------
Key: SECURITY-318
URL: https://jira.jboss.org/jira/browse/SECURITY-318
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public (Everyone can see)
Components: Security SPI
Affects Versions: 2.0.2.CR11
Reporter: Stefan Guilhen
Assignee: Anil Saldhana
Fix For: 2.0.2.GA
Currently all authorize methods in AuthorizationManager evaluate the roles of the users in
order to grant access to a resource. We need an authorize(Resource, Identity, Permission)
method that would delegate the decision to the ACL layer when ACL modules have been
configured.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:42 p.m.
New subject: [JBoss JIRA] Updated: (SECURITY-318) AuthorizationManager needs a method to check if an identity has the required permissions to access a resource.
[
https://jira.jboss.org/jira/browse/SECURITY-318?page=com.atlassian.jira.p...
]
Stefan Guilhen updated SECURITY-318:
------------------------------------
Assignee: Stefan Guilhen (was: Anil Saldhana)
AuthorizationManager needs a method to check if an identity has the
required permissions to access a resource.
--------------------------------------------------------------------------------------------------------------
Key: SECURITY-318
URL: https://jira.jboss.org/jira/browse/SECURITY-318
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Components: Security SPI
Affects Versions: 2.0.2.CR11
Reporter: Stefan Guilhen
Assignee: Stefan Guilhen
Fix For: 2.0.2.GA
Currently all authorize methods in AuthorizationManager evaluate the roles of the users
in order to grant access to a resource. We need an authorize(Resource, Identity,
Permission) method that would delegate the decision to the ACL layer when ACL modules have
been configured.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
6:50 p.m.
New subject: [JBoss JIRA] Closed: (SECURITY-318) AuthorizationManager needs a method to check if an identity has the required permissions to access a resource.
[
https://jira.jboss.org/jira/browse/SECURITY-318?page=com.atlassian.jira.p...
]
Stefan Guilhen closed SECURITY-318.
-----------------------------------
Resolution: Done
The method authorize(Resource, Identity, Permission) has been added to
AuthorizationManager and ACLContext interfaces. At runtime, the JBossAuthorizationManager
implementation delegates the permission check to the ACL layer through the JBossACLContext
and the configured ACL modules.
AuthorizationManager needs a method to check if an identity has the
required permissions to access a resource.
--------------------------------------------------------------------------------------------------------------
Key: SECURITY-318
URL: https://jira.jboss.org/jira/browse/SECURITY-318
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Components: Security SPI
Affects Versions: 2.0.2.CR11
Reporter: Stefan Guilhen
Assignee: Stefan Guilhen
Fix For: 2.0.2.GA
Currently all authorize methods in AuthorizationManager evaluate the roles of the users
in order to grant access to a resource. We need an authorize(Resource, Identity,
Permission) method that would delegate the decision to the ACL layer when ACL modules have
been configured.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
5701
days inactive
5702
days old
2 comments
1 participants
participants (1)
-
Stefan Guilhen (JIRA)