Return-Path: Delivered-To: apmail-portals-jetspeed-dev-archive@www.apache.org Received: (qmail 87680 invoked from network); 22 Feb 2007 08:16:30 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 22 Feb 2007 08:16:30 -0000 Received: (qmail 83756 invoked by uid 500); 22 Feb 2007 08:16:38 -0000 Delivered-To: apmail-portals-jetspeed-dev-archive@portals.apache.org Received: (qmail 83058 invoked by uid 500); 22 Feb 2007 08:16:36 -0000 Mailing-List: contact jetspeed-dev-help@portals.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Jetspeed Developers List" Delivered-To: mailing list jetspeed-dev@portals.apache.org Received: (qmail 83003 invoked by uid 500); 22 Feb 2007 08:16:35 -0000 Delivered-To: apmail-jakarta-jetspeed-dev@jakarta.apache.org Received: (qmail 82997 invoked by uid 99); 22 Feb 2007 08:16:35 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 22 Feb 2007 00:16:35 -0800 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO brutus.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 22 Feb 2007 00:16:25 -0800 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 873087141A3 for ; Thu, 22 Feb 2007 00:16:05 -0800 (PST) Message-ID: <3537029.1172132165535.JavaMail.jira@brutus> Date: Thu, 22 Feb 2007 00:16:05 -0800 (PST) From: "David Sean Taylor (JIRA)" To: jetspeed-dev@jakarta.apache.org Subject: [jira] Created: (JS2-655) Entity Editor Broken MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Entity Editor Broken -------------------- Key: JS2-655 URL: https://issues.apache.org/jira/browse/JS2-655 Project: Jetspeed 2 Issue Type: Bug Components: Ajax Affects Versions: 2.1-dev Reporter: David Sean Taylor Assigned To: David Sean Taylor Priority: Minor Fix For: 2.1-dev Entity Editor has been broken for a long time. Also, the entity editor is unsecured. Propose fixing this bug by retrofitting onto a "ajax-direct" pipeline keyed of the /ajax pipeline mapping Also assign a security behavior to the ajax valve to give it RBAC security, locking out all AJAX calls not authorized by a list of trusted roles -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org For additional commands, e-mail: jetspeed-dev-help@portals.apache.org