Uploaded image for project: 'Karaf'
  1. Karaf
  2. KARAF-4439

Prevent user authentication (shell & JMX) if he doesn't have role

          Details

          • Type: Bug
          • Status: Resolved
          • Priority: Critical
          • Resolution: Fixed
          • Affects Version/s: None
          • Fix Version/s: 4.0.9, 4.1.1
          • Component/s: karaf
          • Labels:
            None

            Description

            Right now, if an user doesn't have any role defined, he can logon and perform "non" critical operations (the "critical" operation).

            We should define a minimum role required for login and prevent users access if they don't have the minimum role (before the ACL).

              Attachments

                Issue Links

                is duplicated by

                Bug - A problem which impairs or prevents the functions of the product. KARAF-4425 LDAP: user without Gourp/Role can connect via SSH

                • Major - Major loss of function.
                • Resolved

                  Activity

                    People

                    • Assignee:
                      jbonofre Jean-Baptiste Onofré
                      Reporter:
                      jbonofre Jean-Baptiste Onofré
                    • Votes:
                      4 Vote for this issue
                      Watchers:
                      5 Start watching this issue

                      Dates

                      • Created:
                        Updated:
                        Resolved: