[jboss-jira] [JBoss JIRA] Closed: (SECURITY-13) Authorization Framework should work off of the roles in the Security Context
Anil Saldhana (JIRA)
jira-events at lists.jboss.org
Tue May 8 10:45:52 EDT 2007
[ http://jira.jboss.com/jira/browse/SECURITY-13?page=all ]
Anil Saldhana closed SECURITY-13.
---------------------------------
Resolution: Done
> Authorization Framework should work off of the roles in the Security Context
> ----------------------------------------------------------------------------
>
> Key: SECURITY-13
> URL: http://jira.jboss.com/jira/browse/SECURITY-13
> Project: JBoss Security and Identity Management
> Issue Type: Task
> Security Level: Public(Everyone can see)
> Components: JBossSX
> Affects Versions: 2.0.GA
> Reporter: Anil Saldhana
> Assigned To: Anil Saldhana
> Fix For: 2.0.GA
>
>
> There has been a discussion going on with reference to a Security Context in JBossSX. Refer to the forum thread
> As it stands, the Security Context is populated with the roles for the authenticated user, but the access checks that are happening (mainly for the jacc layer) needs to move away from the reliance on the role-group placed as a principal in the authenticated subject, but to use the roles in the Security Context.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list