Christian Mueller created GEOS-5101:
---------------------------------------
Summary: Use qualified role names whenever necessary
Key: GEOS-5101
URL: https://jira.codehaus.org/browse/GEOS-5101
Project: GeoServer
Issue Type: Bug
Affects Versions: 2.2-beta1
Reporter: Christian Mueller
Assignee: Christian Mueller
The new security subsystem allows roles to be derived from different role services. The danger of name clashes is obvious.
Out of the box, there are system roles like ROLE_ADMINISTRATOR and roles from the default role service (e. g. ROLE_XXX). Additionally, roles may be injected by third party role authorities like a J2EE container. There are a lot of more possibilities.
Whenever it is necessary, the system should use qualified role names like
system:ROLE_ADMINISTRATOR
default:ROLE_XXX
Additionally, migration code has to migrate rest.properties,layers.properties and service.properties to use qualified role names.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://jira.codehaus.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira