geode-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jinmei Liao (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (GEODE-3100) expose authorize* call in the SecurityService interface
Date Wed, 05 Jul 2017 15:22:00 GMT

    [ https://issues.apache.org/jira/browse/GEODE-3100?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16074930#comment-16074930
] 

Jinmei Liao commented on GEODE-3100:
------------------------------------

the intent of this ticket is to expose the authorizeXXX calls in an external security service,
so that function users can use them to do authorization checks in the function code. But functions
are executed usually in a remote vm where user is not logged in, so when doing that, it could
end up with an AnonymouseUser exception. We will either need to send the credentials (or the
seriazlied Subject) to the function execution thread or come up with another means of authorization
check for functions.

> expose authorize* call in the SecurityService interface
> -------------------------------------------------------
>
>                 Key: GEODE-3100
>                 URL: https://issues.apache.org/jira/browse/GEODE-3100
>             Project: Geode
>          Issue Type: Improvement
>            Reporter: Jinmei Liao
>            Assignee: Jinmei Liao
>             Fix For: 1.3.0
>
>
> these authorizeXXX calls are useful for function developers to call to authorize operations
in the function. This gives function users freedom to choose what permissions are needed to
execute this function.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message