[jboss-jira] [JBoss JIRA] Closed: (SECURITY-318) AuthorizationManager needs a method to check if an identity has the required permissions to access a resource.
Stefan Guilhen (JIRA)
jira-events at lists.jboss.org
Thu Nov 6 19:50:46 EST 2008
[ https://jira.jboss.org/jira/browse/SECURITY-318?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Guilhen closed SECURITY-318.
-----------------------------------
Resolution: Done
The method authorize(Resource, Identity, Permission) has been added to AuthorizationManager and ACLContext interfaces. At runtime, the JBossAuthorizationManager implementation delegates the permission check to the ACL layer through the JBossACLContext and the configured ACL modules.
> AuthorizationManager needs a method to check if an identity has the required permissions to access a resource.
> --------------------------------------------------------------------------------------------------------------
>
> Key: SECURITY-318
> URL: https://jira.jboss.org/jira/browse/SECURITY-318
> Project: JBoss Security and Identity Management
> Issue Type: Task
> Security Level: Public(Everyone can see)
> Components: Security SPI
> Affects Versions: 2.0.2.CR11
> Reporter: Stefan Guilhen
> Assignee: Stefan Guilhen
> Fix For: 2.0.2.GA
>
>
> Currently all authorize methods in AuthorizationManager evaluate the roles of the users in order to grant access to a resource. We need an authorize(Resource, Identity, Permission) method that would delegate the decision to the ACL layer when ACL modules have been configured.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list