[jira] [Updated] (IGNITE-19807) Deprecate legacy authorization approach through Security Context.

Mikhail Petrov (Jira) Fri, 10 Nov 2023 10:21:10 -0800


     [ 
https://issues.apache.org/jira/browse/IGNITE-19807?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Mikhail Petrov updated IGNITE-19807:
------------------------------------
    Ignite Flags: Release Notes Required  (was: Docs Required,Release Notes 
Required)

> Deprecate legacy authorization approach through Security Context.
> -----------------------------------------------------------------
>
>                 Key: IGNITE-19807
>                 URL: https://issues.apache.org/jira/browse/IGNITE-19807
>             Project: Ignite
>          Issue Type: Task
>            Reporter: Mikhail Petrov
>            Assignee: Mikhail Petrov
>            Priority: Major
>             Fix For: 2.16
>
>          Time Spent: 1h
>  Remaining Estimate: 0h
>
> We currently have several ways to check if a user has permission to perform 
> an operation.
> 1. IgniteSecurity#authorize methods that delegate permission check to 
> security plugin.
> 2. SecurityContext#*OperationAllowed methods. They currently are used just 
> for one check. This approach assumes that granted  permissions set is 
> returned during user authentication and remains immutable.
> Let's deprecate the second authorization approach and migrate completely to 
> the first.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (IGNITE-19807) Deprecate legacy authorization approach through Security Context.

Reply via email to