DeveloperBrowser-type portlets for delegated admin can be used to assign global
admin role
------------------------------------------------------------------------------------------
Key: JS2-1100
URL: https://issues.apache.org/jira/browse/JS2-1100
Project: Jetspeed 2
Issue Type: Bug
Components: Admin Portlets
Affects Versions: 2.2.0
Reporter: Paul Anderson
There is no way for a deployer to configure preset lists (or combinations) of
allowed roles etc that a delegated administrator can assign to filtered users,
or to filter out certain roles from the list of options available. (Also no way
to set required attributes like language, which would be useful too).
So a delegated admin can give users full global admin privileges. This makes
the portlet unsuitable for production use.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
