[jboss-dev-forums] [JBoss AS 7 Development] - Access control notes
Heiko Braun
do-not-reply at jboss.com
Wed Apr 24 06:07:32 EDT 2013
Heiko Braun [https://community.jboss.org/people/heiko.braun] commented on the document
"Access control notes"
To view all comments on this document, visit: https://community.jboss.org/docs/DOC-48596#comment-11940
--------------------------------------------------
Reading through your examples again, I think this one shouldn't be supported:
> do rights to the referrer grant rights to the referent
If you don't have the same rights on both ends (which is what the sentence implies) it should be considered an illegal constraint and access to the the referent not be granted. Eventually we shoud veen take it further and consider the role as illegal (unusable) when it is associated with illegal secuty rules.
--------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20130424/4431f198/attachment.html
More information about the jboss-dev-forums
mailing list