You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@atlas.apache.org by "Sharmadha Sainath (JIRA)" <ji...@apache.org> on 2017/07/31 08:58:00 UTC
[jira] [Created] (ATLAS-2009) Any non-admin user in
users-credentials.properties is able to access /api/atlas/admin path
Sharmadha Sainath created ATLAS-2009:
----------------------------------------
Summary: Any non-admin user in users-credentials.properties is able to access /api/atlas/admin path
Key: ATLAS-2009
URL: https://issues.apache.org/jira/browse/ATLAS-2009
Project: Atlas
Issue Type: Bug
Components: atlas-core
Reporter: Sharmadha Sainath
Priority: Critical
Any non-admin user (ex: rangertagsync) specified in conf/users-credentials.properties is able to access the /api/atlas/admin path. Is this expected ?
One of the use cases is Export and Import API's ,which should be permitted only by admin user to be executed. But any user is able to execute it.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)