You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by "Ate Douma (Assigned) (JIRA)" <je...@portals.apache.org> on 2011/09/27 05:02:14 UTC
[jira] [Assigned] (JS2-1100) DeveloperBrowser-type portlets for
delegated admin can be used to assign global admin role
[ https://issues.apache.org/jira/browse/JS2-1100?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ate Douma reassigned JS2-1100:
------------------------------
Assignee: Ate Douma (was: David Sean Taylor)
> DeveloperBrowser-type portlets for delegated admin can be used to assign global admin role
> ------------------------------------------------------------------------------------------
>
> Key: JS2-1100
> URL: https://issues.apache.org/jira/browse/JS2-1100
> Project: Jetspeed 2
> Issue Type: Bug
> Components: Admin Portlets
> Affects Versions: 2.2.0, 2.2.1
> Reporter: Paul Anderson
> Assignee: Ate Douma
> Labels: delegated, portlet, security
> Fix For: 2.2.2
>
>
> There is no way for a deployer to configure preset lists (or combinations) of allowed roles etc that a delegated administrator can assign to filtered users, or to filter out certain roles from the list of options available. (Also no way to set required attributes like language, which would be useful too).
> So a delegated admin can give users full global admin privileges. This makes the portlet unsuitable for production use.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org