[
https://issues.apache.org/jira/browse/JS2-27?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ate Douma updated JS2-27:
-------------------------
Fix Version/s: 2.2-dev
Affects Version/s: 2.1
> Allow disable of Groups and Roles
> ---------------------------------
>
> Key: JS2-27
> URL: https://issues.apache.org/jira/browse/JS2-27
> Project: Jetspeed 2
> Issue Type: Improvement
> Components: Security
> Affects Versions: 2.1, 2.0-FINAL
> Reporter: Ate Douma
> Assigned To: Ate Douma
> Fix For: 2.2-dev
>
>
> In J1 a user can be disabled but not a role or a group.
> I guess disabling users will be supported by J2 to allow migration from J1.
> I would also like to be able to disable Roles and Groups.
> It would allow for really advanced access management in J2 without it
> getting in the way for who doesn't need it (could even be *hidden* through
> configuration if needed).
> To have this standard available in J2 would be very nice for most large J2
> implementations. Implementation itself would be quite easy and the gain
> enormous.
> Adding a boolean disabled attribute to o.a.j.security.BasePrincipal
> would do it (and of course BasePrincipalImpl and the object
> model behind it). The LoginModule, UserManager, GroupManager
> and RoleManager then can decide on this attribute if the Principal may
> be used (in isUserInRole(), isGroupInRole(), etc.)
> Original discussion about this issue:
> http://nagoya.apache.org/eyebrowse/ReadMsg?listId=22&msgNo=13265
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
