Uploaded image for project: 'MidPoint'
  1. MidPoint
  2. MID-1976

Gui URL authorization broken

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 3.0 (Newton)
    • Fix Version/s: 3.1 (Sinan)
    • Component/s: GUI, Model
    • Labels:
      None

      Description

      These URLs have AuthorizationConstants.AUTZ_DENY_ALL

      <idm>/capability
      <idm>/admin/config/bulk

      but they can be accessed. First can be accessed by anonymous/signed in user. Second can be accessed by signed in user. These URLs (as a sample, there are more of them) should not be accessible at all (testing pages, unfinished stuff etc.)

        Attachments

          Activity

            People

            Assignee:
            lazyman Viliam Repan
            Reporter:
            lazyman Viliam Repan
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: