You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@stratos.apache.org by "Dakshika Jayathilaka (JIRA)" <ji...@apache.org> on 2015/05/19 16:23:59 UTC
[jira] [Commented] (STRATOS-1422) Non-Admin user can access the
restricted pages by directly typing through the URL
[ https://issues.apache.org/jira/browse/STRATOS-1422?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14550514#comment-14550514 ]
Dakshika Jayathilaka commented on STRATOS-1422:
-----------------------------------------------
This can be fix by using pageValidate(r) function. Need to have list of permissions to each page. can you list down permission that we need to add to each page.
> Non-Admin user can access the restricted pages by directly typing through the URL
> ---------------------------------------------------------------------------------
>
> Key: STRATOS-1422
> URL: https://issues.apache.org/jira/browse/STRATOS-1422
> Project: Stratos
> Issue Type: Bug
> Reporter: Vishanth
> Assignee: Dakshika Jayathilaka
>
> Example - Non Admin user is restricted to add users, but non-admin user can directly go into the URL [https://localhost:9443/console/users/users/new/] and access the page.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)