You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Jesse McConnell (JIRA)" <ji...@codehaus.org> on 2006/12/09 01:52:41 UTC

[jira] Closed: (CONTINUUM-1016) group rename breaks security roles

     [ http://jira.codehaus.org/browse/CONTINUUM-1016?page=all ]

Jesse McConnell closed CONTINUUM-1016.
--------------------------------------

       Resolution: Fixed
    Fix Version/s: 1.1

fixed this finally

issue was that dynamic roles were not getting renamed from top to bottom completely because the string name indices of jpox were silently _not_ updating despite the set operations we have on them

> group rename breaks security roles
> ----------------------------------
>
>                 Key: CONTINUUM-1016
>                 URL: http://jira.codehaus.org/browse/CONTINUUM-1016
>             Project: Continuum
>          Issue Type: Bug
>          Components: Web - Security
>    Affects Versions: 1.1
>            Reporter: Jesse McConnell
>         Assigned To: Jesse McConnell
>             Fix For: 1.1
>
>
> When a group is renamed the corresponding dynamic roles are no longer linked up correctly so authz fails for all subsequent checks
> resolution is two parts: 
> a) validate on continuum startup that all groups have corresponding roles created, and if missing then generate them
> b) on group rename update the existing roles to reflect the change

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira