Hello,
I have a few questions regarding security.
Why is the AdminAccessConnector bound to the UserDataManagerImpl bean instead of the service?
If a new userdatamanager implementation is provided with a higher ranking the AdminAccessConnector would still work with the UserDataManagerImplBean, which in this case wouldn't be initialized (thus, the admin user is unknown). However, my understanding is that the AdminAccessConnector grants access to any user having RootPermission, irrespective which userdatamanager provides the user.
Would it be okay to bind the AdminAccessConnector to the UserDataManager service?
kind regards,
stefan