Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-10321

Deprecate service mapping by userID

    XMLWordPrintableJSON

    Details

      Description

      Carsten Ziegeler, Karl Pauls, for security reasons I would like to deprecate the old service user mapping by a single userID in favor of the new format that takes one or multiple principal names.
      The new format allows to keep service permissions limited to service-users as declared in the mapping and doesn't resolve declare or inherited group permissions. This gives full control over the effective permissions granted to each service and doesn't risk unrelated permission changes (e.g. to a base group like 'everyone') impacting service security.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                angela Angela Schreiber
                Reporter:
                angela Angela Schreiber
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 40m
                  40m