[ http://issues.apache.org/jira/browse/JS2-27?page=all ]
Ate Douma updated JS2-27:
-------------------------
Fix Version: 2.0-POST
(was: 2.0-FINAL)
Version: 2.0-FINAL
(was: 2.0-POST)
Another one I retargeted incorrect
> Allow disable of Groups and Roles
> ---------------------------------
>
> Key: JS2-27
> URL: http://issues.apache.org/jira/browse/JS2-27
> Project: Jetspeed 2
> Type: Improvement
> Components: Security
> Versions: 2.0-FINAL
> Reporter: Ate Douma
> Assignee: Ate Douma
> Fix For: 2.0-POST
>
> In J1 a user can be disabled but not a role or a group.
> I guess disabling users will be supported by J2 to allow migration from J1.
> I would also like to be able to disable Roles and Groups.
> It would allow for really advanced access management in J2 without it
> getting in the way for who doesn't need it (could even be *hidden* through
> configuration if needed).
> To have this standard available in J2 would be very nice for most large J2
> implementations. Implementation itself would be quite easy and the gain
> enormous.
> Adding a boolean disabled attribute to o.a.j.security.BasePrincipal
> would do it (and of course BasePrincipalImpl and the object
> model behind it). The LoginModule, UserManager, GroupManager
> and RoleManager then can decide on this attribute if the Principal may
> be used (in isUserInRole(), isGroupInRole(), etc.)
> Original discussion about this issue:
> http://nagoya.apache.org/eyebrowse/ReadMsg?listId=22&msgNo=13265
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
