[CAUSEWAY-2719] with secman, Impersonation does not correctly figure out permissions of switched user - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.0.0-M6
Component/s: None
Labels:
None

Description

Two separate (perhaps completely separate?) issues here:

for shiro.ini, we don't support "impersonateWithRoles", so my guess is that we keep the same roles as the original.

for secman, we ignore the roles specified using "impersonateWithRoles", because ApplicationUser#getPermissionSet joins across to the roles in the database, rather than the set of roles that are in the UserMemento.

Attachments

Activity

People

Assignee:: Daniel Keir Haywood

Reporter:: Daniel Keir Haywood

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 03/Jun/21 07:54

Updated:: 25/Aug/21 14:33

Resolved:: 01/Aug/21 23:30