]
Steven Hawkins resolved TEIIDSB-85.
-----------------------------------
Resolution: Done
Removed the role requirement. Will be removed from the example as part of a larger
re-work.
Remove the need for an odata role
---------------------------------
Key: TEIIDSB-85
URL:
https://issues.jboss.org/browse/TEIIDSB-85
Project: Teiid Spring Boot
Issue Type: Quality Risk
Reporter: Steven Hawkins
Assignee: Steven Hawkins
Priority: Major
Fix For: 1.1.0
The odata access role was carried forward from Teiid to Teiid Spring Boot. We should
rethink this.
I think the reason it was originally added was for installs that were not using data
roles it ensured that odata access was not wide open. It also introduced the complexity
that it could be using a different security domain that the default.
It's simplest to just remove the role requirement. As we've refined things we
now are using the same realm through out and a single client for both odata and pg/jdbc
access. Since it's very easy to add grant all roles to properly permissioned users or
simple grant all read-only access, it does not seem necessary to further restrict odata
access at the teiid level.