You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@isis.apache.org by "Kevin Meyer (Created) (JIRA)" <ji...@apache.org> on 2012/03/18 13:26:39 UTC

[jira] [Created] (ISIS-218) Allow file authorizor whitelist to default to "allowed"

Allow file authorizor whitelist to default to "allowed"
-------------------------------------------------------

                 Key: ISIS-218
                 URL: https://issues.apache.org/jira/browse/ISIS-218
             Project: Isis
          Issue Type: New Feature
          Components: Security: File
    Affects Versions: 0.2.0-incubating
            Reporter: Kevin Meyer
            Priority: Trivial
             Fix For: 0.3.0-incubating


As it stands, the file authorizer (FileAuthorizor) requires that a service/class/action explicitly be listed in the white list for it to be allowed.
If the same service/class/action is also listed on the black list, then it is disallowed.

I am adding the following property, which defaults to false:
isis.authorization.file.whitelist.empty.isallowed=true
to allow the white list to allow all by default, if the whitelist file is empty.

This allows you to specify only those roles that are *disallowed* in the black list, while leaving the whitelist empty.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Closed] (ISIS-218) Allow file authorizor whitelist to default to "allowed"

Posted by "Kevin Meyer (Closed) (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/ISIS-218?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Kevin Meyer closed ISIS-218.
----------------------------

    Resolution: Fixed
      Assignee: Kevin Meyer

Done. 
No tests on the FileAuthorizor. We need to address this.
                
> Allow file authorizor whitelist to default to "allowed"
> -------------------------------------------------------
>
>                 Key: ISIS-218
>                 URL: https://issues.apache.org/jira/browse/ISIS-218
>             Project: Isis
>          Issue Type: New Feature
>          Components: Security: File
>    Affects Versions: 0.2.0-incubating
>            Reporter: Kevin Meyer
>            Assignee: Kevin Meyer
>            Priority: Trivial
>             Fix For: 0.3.0-incubating
>
>
> As it stands, the file authorizer (FileAuthorizor) requires that a service/class/action explicitly be listed in the white list for it to be allowed.
> If the same service/class/action is also listed on the black list, then it is disallowed.
> I am adding the following property, which defaults to false:
> isis.authorization.file.whitelist.empty.isallowed=true
> to allow the white list to allow all by default, if the whitelist file is empty.
> This allows you to specify only those roles that are *disallowed* in the black list, while leaving the whitelist empty.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira