You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@stratos.apache.org by "Dakshika Jayathilaka (JIRA)" <ji...@apache.org> on 2015/05/19 16:23:59 UTC

[jira] [Commented] (STRATOS-1422) Non-Admin user can access the restricted pages by directly typing through the URL

    [ https://issues.apache.org/jira/browse/STRATOS-1422?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14550514#comment-14550514 ] 

Dakshika Jayathilaka commented on STRATOS-1422:
-----------------------------------------------

This can be fix by using pageValidate(r) function. Need to have list of permissions to each page. can you list down permission that we need to add to each page. 

> Non-Admin user can access the restricted pages by directly typing through the URL
> ---------------------------------------------------------------------------------
>
>                 Key: STRATOS-1422
>                 URL: https://issues.apache.org/jira/browse/STRATOS-1422
>             Project: Stratos
>          Issue Type: Bug
>            Reporter: Vishanth
>            Assignee: Dakshika Jayathilaka
>
> Example - Non Admin user is restricted to add users, but non-admin user can directly go into the URL [https://localhost:9443/console/users/users/new/] and access the page.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)