Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"

Task #645 (closed)

Opened 12 years ago

Closed 12 years ago

Add interceptor for @RolesAllowed to OMERO.blitz

Reported by: jamoore Owned by: jamoore
Priority: critical Milestone: 3.0-Beta2
Component: Security Version: 3.0-Beta1
Keywords: blitz, security, roles, iteration4 Cc:
Resources: n.a. Referenced By: n.a.
References: n.a. Remaining Time: n.a.
Sprint: n.a.

Description

Currently, OmeroBlitz has no method-level security since the @RolesAllowed enforcement is done by the application server. There needs to be an interceptor added to the blitz stack.

Change History (1)

comment:1 Changed 12 years ago by jmoore

  • Resolution set to fixed
  • Status changed from new to closed

r1392 contains an implementation for this. There are optimizations to be had, but this will work for now.

See #664 and #665

Note: See TracTickets for help on using tickets. You may also have a look at Agilo extensions to the ticket.

1.3.13-PRO © 2008-2011 Agilo Software all rights reserved (this page was served in: 0.79476 sec.)

© 2000-2014 University of Dundee & Open Microscopy Environment. Creative Commons Attribution 3.0 Unported License
OME source code is available under the GNU General public license or through commercial license from Glencoe Software

We're Hiring!