]
Steven Hawkins updated TEIID-3790:
----------------------------------
Fix Version/s: (was: 9.0)
(was: 8.12.x)
Restrict any authenticated roles
--------------------------------
Key: TEIID-3790
URL:
https://issues.jboss.org/browse/TEIID-3790
Project: Teiid
Issue Type: Bug
Components: Query Engine
Reporter: Steven Hawkins
Assignee: Steven Hawkins
A local connection with the pass-through flag set will allow any connection if no
security domain is set (the 8.x default). Beyond that the role assignment logic will any
authenticated roles to those users. We need to restrict any-authenticated roles to only
properly authenticated users.