[jboss-jira] [JBoss JIRA] (WFLY-2042) Enforcement of "RunAs" policies

Brian Stansberry (JIRA) jira-events at lists.jboss.org
Thu Sep 19 00:27:03 EDT 2013


     [ https://issues.jboss.org/browse/WFLY-2042?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Brian Stansberry resolved WFLY-2042.
------------------------------------

      Assignee: Darran Lofthouse  (was: Brian Stansberry)
    Resolution: Done


Originally the 'simple' provider was the only one that supported RunAs, and with 'simple' any authenticated user is equivalent to SuperUser. (This is the "consistent with previous releases" setup.)

When Darran added RunAs support to the 'rbac' provider, he did it as stated here.
                
> Enforcement of "RunAs" policies
> -------------------------------
>
>                 Key: WFLY-2042
>                 URL: https://issues.jboss.org/browse/WFLY-2042
>             Project: WildFly
>          Issue Type: Enhancement
>          Components: Domain Management
>            Reporter: Heiko Braun
>            Assignee: Darran Lofthouse
>             Fix For: 8.0.0.Beta1
>
>
> Currently we do support the role overrides with the additional {roles=[foo,bar]} header. This should be restricted to only take effect when the principal has SuperUser privileges. In all other cases that header should be ignored.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

