question about UserDataManager
9 views
Skip to first unread message
Stefan Scheiber
Jan 8, 2014, 9:30:54 AM1/8/14
to openen...@googlegroups.com
Hello,
I have a few questions regarding security.
Why is the AdminAccessConnector bound to the UserDataManagerImpl bean instead of the service?
If a new userdatamanager implementation is provided with a higher ranking the AdminAccessConnector would still work with the UserDataManagerImplBean, which in this case wouldn't be initialized (thus, the admin user is unknown). However, my understanding is that the AdminAccessConnector grants access to any user having RootPermission, irrespective which userdatamanager provides the user.
Would it be okay to bind the AdminAccessConnector to the UserDataManager service?
kind regards,
stefan
I have a few questions regarding security.
Why is the AdminAccessConnector bound to the UserDataManagerImpl bean instead of the service?
If a new userdatamanager implementation is provided with a higher ranking the AdminAccessConnector would still work with the UserDataManagerImplBean, which in this case wouldn't be initialized (thus, the admin user is unknown). However, my understanding is that the AdminAccessConnector grants access to any user having RootPermission, irrespective which userdatamanager provides the user.
Would it be okay to bind the AdminAccessConnector to the UserDataManager service?
kind regards,
stefan
Andreas Pieber
Jan 9, 2014, 2:28:03 AM1/9/14
to OpenEngSB
Hey Stefan,
I've just read the code and tried to link it with what we've though at that time :-) @CGr please correct me if you can remember something else :)Kind regards,
Andreas
--
You received this message because you are subscribed to the Google Groups "OpenEngSB developer discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openengsb-de...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Reply all
Reply to author
Forward
0 new messages