Syncope / SYNCOPE-1152

Clear out unneeded anonymous authenticated services

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.0.5, 2.1.0
    • Component/s: core, enduser
    • Labels:
      None

      Description

      Following the discussion we had on IRC with Colm O hEigeartaigh, it seems that a few Entitlements, not available since earlier versions, might be re-introduced, to properly control access to the related REST services:

      • GROUP_LIST
      • RESOURCE_LIST
      • ANYTYPE_LIST
      • ANYTYPECLASS_LIST
      • SCHEMA_LIST
      • SECURITY_QUESTION_LIST
      • REALM_LIST

      The rationale not to have such Entitlements in Syncope 1.x was that the related information had to be made available during self-registration.

      Now that we have the Enduser UI, however, it seems that it is possible to:

      1. introduce dedicated REST endpoint(s) to serve such content for self-registration, with minimal information (for example only group names, no need to provide extra information as attributes, type extensions, etc.)
      2. restore appropriate access control for the REST endpoints to be accessed for administrative purposes
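The two steps above, sketched as an added example that is not Syncope's own code: an administrative listing that requires the GROUP_LIST entitlement and returns full objects, next to a self-registration listing that is callable anonymously and returns only group names. The class, record and method names and the sample groups are hypothetical; the code needs Java 16 or later for records.

```java
import java.util.*;
import java.util.stream.Collectors;

public class EntitlementSplitDemo {

    // Hypothetical full group record, as an administrative endpoint would return it.
    record Group(String name, Map<String, String> attributes, List<String> typeExtensions) {}

    // Hypothetical caller model: an anonymous caller holds no entitlements.
    record Caller(String username, Set<String> entitlements) {
        static Caller anonymous() { return new Caller("anonymous", Set.of()); }
    }

    // Constructed sample data, not taken from any real deployment.
    static final List<Group> GROUPS = List.of(
        new Group("employees", Map.of("costCenter", "CC-1001"), List.of("USER")),
        new Group("contractors", Map.of("costCenter", "CC-2002"), List.of()));

    // Administrative listing: full objects, only for callers holding GROUP_LIST.
    static List<Group> adminListGroups(Caller caller) {
        if (!caller.entitlements().contains("GROUP_LIST")) {
            throw new SecurityException(caller.username() + " lacks GROUP_LIST");
        }
        return GROUPS;
    }

    // Self-registration listing: no entitlement check, but names only,
    // so attributes and type extensions never reach an anonymous caller.
    static List<String> selfRegistrationGroupNames() {
        return GROUPS.stream().map(Group::name).sorted().collect(Collectors.toList());
    }

    public static void main(String[] args) {
        Caller anon = Caller.anonymous();
        Caller admin = new Caller("admin", Set.of("GROUP_LIST"));

        System.out.println("self-registration view: " + selfRegistrationGroupNames());
        System.out.println("admin view: " + adminListGroups(admin));
        try {
            adminListGroups(anon); // anonymous access to the full listing is refused
        } catch (SecurityException e) {
            System.out.println("denied: " + e.getMessage());
        }
    }
}
```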

              People

              • Assignee:
                ilgrosso Francesco Chicchiriccò
                Reporter:
                ilgrosso Francesco Chicchiriccò