[jboss-jira] [JBoss JIRA] (AS7-478) Security checks when recursively reading resources
Brian Stansberry (JIRA)
jira-events at lists.jboss.org
Tue Sep 25 11:14:35 EDT 2012
[ https://issues.jboss.org/browse/AS7-478?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Stansberry updated AS7-478:
---------------------------------
Fix Version/s: 7.3.0.Alpha1
(was: 7.2.0.Alpha1)
> Security checks when recursively reading resources
> --------------------------------------------------
>
> Key: AS7-478
> URL: https://issues.jboss.org/browse/AS7-478
> Project: Application Server 7
> Issue Type: Task
> Components: Domain Management
> Affects Versions: 7.0.0.Alpha1
> Reporter: Emanuel Muckenhuber
> Assignee: Darran Lofthouse
> Labels: authorization
> Fix For: 7.3.0.Alpha1
>
>
> Currently the "read-resource" operation (GlobalOperationHandlers.ReadResourceHandler) just clones the subModel when recursively reading resources. We need to make sure that to also check the permissions for the children a node contains.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list