Uploaded image for project: 'Security'
  1. Security
  2. SECURITY-71

Consider backwards compatibility with ACLs defined in JCR roles and users

    XMLWordPrintable

Details

    • Task
    • Resolution: Unresolved
    • Neutral
    • None
    • None

    Description

      As 6.3 aims to support permissions/ACLs via MP config, consider backwards compatibility needs:

      • Delegation: either chain evaluation of JCR ACLs behind MP permissions (delegate to current UriSecurityFilter and similar), supports gradual migration for projects.
      • or MP security for new projects only: rely on one MicroProfile config property (or absence thereof) to enable the new security evaluation alone, or disable it completely; would eventually require an all-at-once migration for projects.

      Additional note: even if customers don't strictly need to update, the old ways will be perceived as legacy/deprecated, so they generally want to stay up-to-date, so let's facilitate porting, minimize the overhead, auto-conversion possibilities, etc.

      Checklists

        Acceptance criteria

        Attachments

          Activity

            People

              Unassigned Unassigned
              mgeljic Mikaël Geljić
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:

                Checklists

                  Task DoR