[higgins-dev] AuthZ observation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[higgins-dev] AuthZ observation

From: "Jim Sermersheim" <jimse@xxxxxxxxxx>
Date: Tue, 25 Mar 2008 17:33:36 -0600
Delivered-to: higgins-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/higgins-dev>
List-help: <mailto:higgins-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=unsubscribe>

Duane made this observation:

* If AuthZ allows us to express something like "UserX has OperationY access to ResourceZ", then we must disallow renames of entities.

** Otherwise, if the "UserX" or "ResourceZ" entities are renamed, we have a problem where the AuthZ is disconnected.

*** Worse, if UserX is removed, and another one added, they will be unwittingly granted access.

This is especially true if we allow the AuthZ to be managed by a layered CP, because the underlying Context might be directly accessed to perform a rename, leaving the upper "authZ CP" unaware of the fact that it has a disconnected authZ statement.

Follow-Ups:
- Re: [higgins-dev] AuthZ observation
  - From: Prateek Mishra
- RE: [higgins-dev] AuthZ observation
  - From: Drummond Reed

Prev by Date: Re: [higgins-dev] Problems running STS on Tomcat6 using JVM 1.6.x
Next by Date: Re: [higgins-dev] Problems running STS on Tomcat6 using JVM 1.6.x
Previous by thread: [higgins-dev] Problems running STS on Tomcat6 using JVM 1.6.x
Next by thread: RE: [higgins-dev] AuthZ observation
Index(es):
- Date
- Thread

Breadcrumbs