[ http://wso2.org/jira/browse/REGISTRY-200?page=comments#action_15379 ] Glen Daniels commented on REGISTRY-200: ---------------------------------------
While it's true anonymous users shouldn't be able to edit, it's also true that no one should be able to edit the password or friendly name of the anonymous user at all, right? > Anonymous user can edit anonymous user's friendly name or password. > ------------------------------------------------------------------- > > Key: REGISTRY-200 > URL: http://wso2.org/jira/browse/REGISTRY-200 > Project: WSO2 Registry > Issue Type: Bug > Components: Authorizations > Affects Versions: SNAPSHOT > Environment: Ubuntu 7.10, JDK 1.5.0_08, tomcat 6.0.14, Firefox/2.0.0.8 > Reporter: Krishantha Samaraweera > Assigned To: Chathura Ekanayake > > How to recreate: > 1. load the registry system. > 2. go to peoples page as anonymous user. > 3. click on to anonymous user name. > 4. in next page you can edit password and friendly name. > Anonymous users should not allowed to edit password or friendly name of any > user. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://wso2.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira _______________________________________________ Registry-dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
