Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.0-FINAL, 2.1
    • Fix Version/s: 2.2.0
    • Component/s: Security
    • Labels:
      None

      Description

      In J1 a user can be disabled but not a role or a group.
      I guess disabling users will be supported by J2 to allow migration from J1.

      I would also like to be able to disable Roles and Groups.
      It would allow for really advanced access management in J2 without it
      getting in the way for who doesn't need it (could even be hidden through configuration if needed).

      To have this standard available in J2 would be very nice for most large J2 implementations. Implementation itself would be quite easy and the gain enormous.

      Adding a boolean disabled attribute to o.a.j.security.BasePrincipal
      would do it (and of course BasePrincipalImpl and the object
      model behind it). The LoginModule, UserManager, GroupManager
      and RoleManager then can decide on this attribute if the Principal may
      be used (in isUserInRole(), isGroupInRole(), etc.)

      Original discussion about this issue:
      http://nagoya.apache.org/eyebrowse/ReadMsg?listId=22&msgNo=13265

        Activity

        Hide
        Ate Douma added a comment -
        Show
        Ate Douma added a comment - Will be implemented by http://issues.apache.org/jira/browse/JS2-151
        Hide
        Ate Douma added a comment -

        I'm going to implement this feature, together with JS2-21, independent of JS2-151 to be able to get it into 2.0-FINAL release.

        Show
        Ate Douma added a comment - I'm going to implement this feature, together with JS2-21 , independent of JS2-151 to be able to get it into 2.0-FINAL release.
        Hide
        Ate Douma added a comment -

        I'm going to implement this feature, together with JS2-21, independent of JS2-151 to be able to get it into 2.0-FINAL release.

        Show
        Ate Douma added a comment - I'm going to implement this feature, together with JS2-21 , independent of JS2-151 to be able to get it into 2.0-FINAL release.
        Hide
        Ate Douma added a comment -

        I have this feature fully working locally, but it depends on functionality from JS-21 which I just rolled back (partially) for the 2.0-FINAL release.
        There isn't enough time left to finish this fully.
        These issues will be picked up again after ApacheCON, so hopefully version 2.1 will have them.

        Show
        Ate Douma added a comment - I have this feature fully working locally, but it depends on functionality from JS-21 which I just rolled back (partially) for the 2.0-FINAL release. There isn't enough time left to finish this fully. These issues will be picked up again after ApacheCON, so hopefully version 2.1 will have them.
        Hide
        Ate Douma added a comment -

        Another one I retargeted incorrect

        Show
        Ate Douma added a comment - Another one I retargeted incorrect
        Hide
        Ate Douma added a comment -

        Resolution will take too much time to make it for the 2.1 release

        Show
        Ate Douma added a comment - Resolution will take too much time to make it for the 2.1 release
        Hide
        Ate Douma added a comment -

        Vivek, can you please check the constraint handling part of this isssue (e.g. if on Subject creation no disabled principals are used)?

        Show
        Ate Douma added a comment - Vivek, can you please check the constraint handling part of this isssue (e.g. if on Subject creation no disabled principals are used)?
        Hide
        Vivek Kumar added a comment -

        Improvements changes are done.
        Now User can disable User, role and group from Administrative portlets
        Disable roles and groups will not be part of user subject.

        Show
        Vivek Kumar added a comment - Improvements changes are done. Now User can disable User, role and group from Administrative portlets Disable roles and groups will not be part of user subject.

          People

          • Assignee:
            Vivek Kumar
            Reporter:
            Ate Douma
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development