[jboss-jira] [JBoss JIRA] Commented: (JBPORTAL-1179) Create a special undeletable user for the administrator
Thomas Heute (JIRA)
jira-events at lists.jboss.org
Thu Feb 15 07:21:30 EST 2007
[ http://jira.jboss.com/jira/browse/JBPORTAL-1179?page=comments#action_12353188 ]
Thomas Heute commented on JBPORTAL-1179:
----------------------------------------
I'm still wondering if we should go that way or not...
- With a special admin, it's a potential security weakness
- Without a special admin, people may end up with an unusable portal unless they modify the identity storage manually. (DB or LDAP)
> Create a special undeletable user for the administrator
> -------------------------------------------------------
>
> Key: JBPORTAL-1179
> URL: http://jira.jboss.com/jira/browse/JBPORTAL-1179
> Project: JBoss Portal
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: Portal Identity
> Reporter: Thomas Heute
> Fix For: 2.6.Beta1
>
>
> The user with username "admin" is now mandatory at least for the CMS service (see JCRCMS.java).
> We should not be able to delete the admin user. Ultimately we should be able to give him any username.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list