[ https://issues.apache.org/jira/browse/OFBIZ-4130?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13259496#comment-13259496 ]
Pierre Smits commented on OFBIZ-4130: ------------------------------------- Hans, I believe you do not fully understand the issue at hand. I am NOT talking about the admin (as you call it the super tenant user) of the main delegator, who indeed must be able to administer and add tenants. I am talking about users of tenants who have been granted the role of 'SECURITYADMIN' to manage/maintain data thru webtools for their own tenant. These users can see details of all tenants in tables 'Tenant', TenantComponent' and 'TenantDataSource'. And that is a situation you would not want. Regards, Pierre > Tenant super user (tenant admin) can view all database details of all tenants > ----------------------------------------------------------------------------- > > Key: OFBIZ-4130 > URL: https://issues.apache.org/jira/browse/OFBIZ-4130 > Project: OFBiz > Issue Type: Bug > Components: framework > Affects Versions: Release Branch 10.04, SVN trunk > Reporter: Pierre Smits > Priority: Critical > Fix For: Release Branch 10.04, SVN trunk > > Attachments: OFBIZ-4130-MultiTenant-visibilty.patch > > > When a new tenant is created and the super user of the tenant (the > tenant-admin) logs in to WebTools and views the tables Tenant and > TenantDataSource he/she can see all details of the tenant databases, incl > TenantName, userID and password of the tenant databases. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira