Uploaded image for project: 'Jetspeed 2 (Retired)'
  1. Jetspeed 2 (Retired)
  2. JS2-27

Allow disable of Groups and Roles

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.0-FINAL, 2.1
    • 2.2.0
    • Security
    • None

    Description

      In J1 a user can be disabled but not a role or a group.
      I guess disabling users will be supported by J2 to allow migration from J1.

      I would also like to be able to disable Roles and Groups.
      It would allow for really advanced access management in J2 without it
      getting in the way for who doesn't need it (could even be hidden through configuration if needed).

      To have this standard available in J2 would be very nice for most large J2 implementations. Implementation itself would be quite easy and the gain enormous.

      Adding a boolean disabled attribute to o.a.j.security.BasePrincipal
      would do it (and of course BasePrincipalImpl and the object
      model behind it). The LoginModule, UserManager, GroupManager
      and RoleManager then can decide on this attribute if the Principal may
      be used (in isUserInRole(), isGroupInRole(), etc.)

      Original discussion about this issue:
      http://nagoya.apache.org/eyebrowse/ReadMsg?listId=22&msgNo=13265

      Attachments

        Activity

          People

            firevelocity Vivek Kumar
            ate Ate Douma
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: