[ http://jira.magnolia.info/browse/MAGNOLIA-1532?page=all ]
Sameer Charles resolved MAGNOLIA-1532.
--------------------------------------
Fix Version/s: 3.1 M3
(was: 3.1)
Resolution: Fixed
> JAAS - Authorization modules should only be responsible to add ACL
> ------------------------------------------------------------------
>
> Key: MAGNOLIA-1532
> URL: http://jira.magnolia.info/browse/MAGNOLIA-1532
> Project: Magnolia
> Issue Type: Improvement
> Components: security
> Affects Versions: 3.1 M1
> Reporter: Sameer Charles
> Assigned To: Sameer Charles
> Fix For: 3.1 M3
>
>
> Current implementation of JCR Authorization module forces you to duplicate
> users in JCR even if authentication source is external.
> IMHO
> - Authentication module should check for credentials (like it is now) in
> addition collect groups and roles together with details like user language,
> email etc..
> - Authorization module can use above information to read access control list
> for this user
> this will help us develope authentication modules for any data/directory
> source without having to duplicate users in JCR
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia.info/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
for list details see
http://documentation.magnolia.info/docs/en/editor/stayupdated.html
----------------------------------------------------------------
