[jboss-jira] [JBoss JIRA] (WFLY-1838) Authorisation descision filtered vs. read-only

Heiko Braun (JIRA) jira-events at lists.jboss.org
Wed Aug 7 03:03:26 EDT 2013 

    [ https://issues.jboss.org/browse/WFLY-1838?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12795498#comment-12795498 ] 

Heiko Braun edited comment on WFLY-1838 at 8/7/13 3:02 AM:
-----------------------------------------------------------

{quote}
2) a) If an attribute's access is sensitive it will not appear in either read-resource-description or read-resource.
{quote}

So, if i interpret these responses correctly, the reason why I don't see the security-domain in :read-resource-description(access-control=true){roles=monitor} is because the sensitive attribute is filtered out?

In that case I'd agree with Brian, that we should "... just formally ban the notion that it's possible to make an attribute or operation non-addressable."

Can we agree on this change the behaviour of :read-resource-description(access-control=true) accordingly?
                
      was (Author: heiko.braun):
    "2) a) If an attribute's access is sensitive it will not appear in either read-resource-description or read-resource
."

So, if i interpret these responses correctly, the reason why I don't see the security-domain in :read-resource-description(access-control=true){roles=monitor} is because the sensitive attribute is filtered out?

In that case I'd agree with Brian, that we should "... just formally ban the notion that it's possible to make an attribute or operation non-addressable."

Can we agree on this change the behaviour of :read-resource-description(access-control=true) accordingly?

                  
> Authorisation descision filtered vs. read-only
> ----------------------------------------------
>
>                 Key: WFLY-1838
>                 URL: https://issues.jboss.org/browse/WFLY-1838
>             Project: WildFly
>          Issue Type: Clarification
>          Components: Domain Management
>            Reporter: Heiko Braun
>            Assignee: Kabir Khan
>
> When I look at datasources for example, I can see a difference between :read-resource-description(access-control=true) and the output of :read-resource(){roles=monitor}.
> The first doesn't contain constraints for "security-domain", but the later indicates them as being filtered (access-control response header).
> First question: Is this a bug?
> Second and more general question: Will all filtered attributes be presented as "read=false" & "write=false"?

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list