Shibboleth default roles are also applied to anonymous users and users logged in 
with other methods
------------------------------------------------------------------------------------------------

                 Key: DS-309
                 URL: http://jira.dspace.org/jira/browse/DS-309
             Project: DSpace 1.x
          Issue Type: Bug
          Components: DSpace API
    Affects Versions: 1.5.2
            Reporter: Andrea Bollini
            Assignee: Andrea Bollini
             Fix For: 1.6.0


The getSpecialGroup method doesn't check whether any user is logged in and goes 
ahead to process any default roles or affiliation/group mapping included in the 
configuration. This allows an anonymous user to take advantage of the default shib 
roles.
In addition, if we have more than one authentication method configured, for 
example the x509 method, we are not able to know which method a user comes 
from. This means that even after adding a check in getSpecialGroup to see if a 
user is logged in, we will continue to give default shib roles to users that 
are logged in from another authentication method.

I'm going to fix this bug by storing in the user session the auth method used for 
the login. A patch will be posted soon.
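
The flaw and the fix approach described in this report, modelled as an added example that is not DSpace code and not the reporter's patch. The `Session` record, the group names, the affiliation map and both methods are hypothetical stand-ins, and the sample sessions are constructed.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

public class ShibSpecialGroupsDemo {
    // Hypothetical stand-in for per-request login state; not a DSpace class.
    record Session(String user, String authMethod, String affiliation) {}

    // Constructed values standing in for the configured default roles and
    // the affiliation/group mapping mentioned in the report.
    static final List<String> DEFAULT_ROLES = List.of("shib-default");
    static final Map<String, String> AFFILIATION_GROUPS = Map.of("staff", "shib-staff");

    // Builds the Shibboleth-derived groups from configuration and affiliation.
    static List<String> shibGroups(Session s) {
        List<String> groups = new ArrayList<>(DEFAULT_ROLES);
        String mapped = (s == null) ? null : AFFILIATION_GROUPS.get(String.valueOf(s.affiliation()));
        if (mapped != null) groups.add(mapped);
        return groups;
    }

    // Behaviour described in the report: no login check, no auth-method check.
    static List<String> specialGroupsBefore(Session s) {
        return shibGroups(s);
    }

    // Approach described in the report: the auth method is recorded in the
    // session at login, and roles are granted only for a Shibboleth login.
    static List<String> specialGroupsAfter(Session s) {
        if (s == null || s.user() == null) return List.of();          // anonymous
        if (!"shibboleth".equals(s.authMethod())) return List.of();   // e.g. x509
        return shibGroups(s);
    }

    public static void main(String[] args) {
        Session[] cases = {                               // constructed sample sessions
            new Session(null, null, null),                // anonymous visitor
            new Session("alice", "x509", null),           // logged in via another method
            new Session("bob", "shibboleth", "staff"),    // genuine Shibboleth login
        };
        for (Session s : cases) {
            System.out.println(s + "\n  before=" + specialGroupsBefore(s)
                    + "  after=" + specialGroupsAfter(s));
        }
    }
}
```

Only the third session should receive any groups from `specialGroupsAfter`; `specialGroupsBefore` hands the default role to all three.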

