Steven Hawkins created TEIID-3790: ------------------------------------- Summary: Restrict any authenticated roles Key: TEIID-3790 URL: https://issues.jboss.org/browse/TEIID-3790 Project: Teiid Issue Type: Bug Components: Query Engine Reporter: Steven Hawkins Assignee: Steven Hawkins Fix For: 9.0, 8.12.x A local connection with the pass-through flag set will allow any connection if no security domain is set (the 8.x default). Beyond that the role assignment logic will any authenticated roles to those users. We need to restrict any-authenticated roles to only properly authenticated users. -- This message was sent by Atlassian JIRA (v6.4.11#64026)