[
https://issues.apache.org/jira/browse/SYNCOPE-905?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15376301#comment-15376301
]
fabio martelli commented on SYNCOPE-905:
----------------------------------------
Catch java.security.AccessControlException into the rest clients in order to be
more robust to such errors.
See user edit missing group, roles or resources entitlements.
> Wrong entitlement evaluation
> ----------------------------
>
> Key: SYNCOPE-905
> URL: https://issues.apache.org/jira/browse/SYNCOPE-905
> Project: Syncope
> Issue Type: Bug
> Components: console
> Affects Versions: 2.0.0-M4
> Reporter: fabio martelli
> Fix For: 2.0.0
>
>
> Perform an entitlement validation review in order to be compliant with the
> core one.
> For instance, it seems that user edit/create (available) button click results
> in an exception returned by the core if the caller missing the right
> entitlements having USER_READ, USER_SEARCH and USER_LIST only.
> Further, GROUP tab under Realms page seems to be available missing GROUP
> entitlements as well. Click on it results in an error.
> Furthermore, security question page seems to be available missing
> entitlements as well.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
