[jboss-jira] [JBoss JIRA] Created: (SECURITY-19) Authorization Decision can be affected by deployment level roles
Anil Saldhana (JIRA)
jira-events at jboss.com
Thu Nov 2 23:43:41 EST 2006
Authorization Decision can be affected by deployment level roles
----------------------------------------------------------------
Key: SECURITY-19
URL: http://jira.jboss.com/jira/browse/SECURITY-19
Project: JBoss Security
Issue Type: Feature Request
Security Level: Public (Everyone can see)
Components: JBossSX
Affects Versions: 2.0
Reporter: Anil Saldhana
Assigned To: Anil Saldhana
Fix For: 2.0
If the user configures roles with principals in the JBoss DD (jboss.xml, jboss-web.xml and jboss-app.xml), these can affect the authorization decision. The Authorization Manager should be aware of these deployment level roles to be passed to the mapping framework (such that if there is an explicit mapping provider that takes into consideration, these deployment level roles), then the overall authorization decision can be affected.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list