[jboss-jira] [JBoss JIRA] Closed: (SECURITY-19) Authorization Decision can be affected by deployment level roles
Anil Saldhana (JIRA)
jira-events at jboss.com
Fri Nov 3 00:17:41 EST 2006
[ http://jira.jboss.com/jira/browse/SECURITY-19?page=all ]
Anil Saldhana closed SECURITY-19.
---------------------------------
Resolution: Done
EJB21, EJB3 and Web layers have all been updated in the JEE_TCK branch.
> Authorization Decision can be affected by deployment level roles
> ----------------------------------------------------------------
>
> Key: SECURITY-19
> URL: http://jira.jboss.com/jira/browse/SECURITY-19
> Project: JBoss Security
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: JBossSX
> Affects Versions: 2.0
> Reporter: Anil Saldhana
> Assigned To: Anil Saldhana
> Fix For: 2.0
>
>
> If the user configures roles with principals in the JBoss DD (jboss.xml, jboss-web.xml and jboss-app.xml), these can affect the authorization decision. The Authorization Manager should be aware of these deployment level roles to be passed to the mapping framework (such that if there is an explicit mapping provider that takes into consideration, these deployment level roles), then the overall authorization decision can be affected.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list