syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Francesco Chicchiriccò (JIRA) <j...@apache.org>
Subject [jira] [Created] (SYNCOPE-1152) Clear out unneeded anonymous authenticated services
Date Tue, 11 Jul 2017 08:20:00 GMT
Francesco Chicchiriccò created SYNCOPE-1152:
-----------------------------------------------

             Summary: Clear out unneeded anonymous authenticated services
                 Key: SYNCOPE-1152
                 URL: https://issues.apache.org/jira/browse/SYNCOPE-1152
             Project: Syncope
          Issue Type: Improvement
          Components: core, enduser
            Reporter: Francesco Chicchiriccò
            Assignee: Francesco Chicchiriccò
             Fix For: 2.0.5, 2.1.0


Following the [discussion|https://wilderness.apache.org/channels/?f=apache-syncope/2017-06-28]
we had on IRC with [~coheigea], it seems that a few Entitlements, not available since earlier
versions, might be re-introduced, to properly control access to the related REST services:

* GROUP_LIST
* RESOURCE_LIST
* ANYTYPE_LIST
* ANYTYPECLASS_LIST
* SCHEMA_LIST
* SECURITY_QUESTION_LIST
* REALM_LIST

The rationale not to have such Entitlements in Syncope 1.x was that the related information
had to be made available during self-registration.

Now that we have the Enduser UI, however, it seems that it is possible to

# introduce dedicated REST endpoint(s) to serve such content for self-registration, with minimal
information (for example only group names, no need to provide extra information as attributes,
type extensions, etc.)
# restore appropriate access control for the REST endpoints to be accessed for administrative
purposes



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message