[infinispan-issues] [JBoss JIRA] (ISPN-4451) Missing ACCESS right
Tristan Tarrant (JIRA)
issues at jboss.org
Sun Jun 29 14:50:24 EDT 2014
[ https://issues.jboss.org/browse/ISPN-4451?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12980470#comment-12980470 ]
Tristan Tarrant commented on ISPN-4451:
---------------------------------------
One thing that has changed since the previous release is that you need to invoke globalConfiguration.security().authorization().enable() (enablement was previously implicit).
> Missing ACCESS right
> --------------------
>
> Key: ISPN-4451
> URL: https://issues.jboss.org/browse/ISPN-4451
> Project: Infinispan
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Security
> Reporter: Vojtech Juranek
> Assignee: Tristan Tarrant
>
> When security is turned on ({{cacheConfig.security().authorization().enable()}}), any user can obtain/create a cache, even unauthorized users. This should be allowed only for users with right {{ACCESS}}. This right is actually not present in {{AuthorizationPermission}}.
--
This message was sent by Atlassian JIRA
(v6.2.6#6264)
More information about the infinispan-issues
mailing list