Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
Description
The authentication within the webconsole is done by the security provider (a plugin). With this an object is set as a request attribute about the returned user info (any object).
However, plugins might want to do a authorization check through the web console security provider. Doing so, plugins need to extract the user from the request, get the same security provider service and then invoke the service.
It would be easier to add a new User interface to the API and allow such checks through this interface and attach an object of this type to the request.