Hi Francesco, I understand that REST methods are exposed, for example self registering user can choose from Roles he wish to be in during sef-registration process, so this is needed. But I was talking about UI console. For example, I have the UI deployed at http://mysyncope.net/syncope-ui/. And I can access UI tabs like http://mysyncope.net/syncope-ui/roles or http://mysyncope.net/syncope-ui/schema even when not logged in. This will also change in 1.2.0?
Thanks a lot for your time and help. Regards. 2013/8/28 Francesco Chicchiriccò <[email protected]> > On 28/08/2013 08:56, Marcin Sośnicki wrote: > >> Hello, >> >> I have a question: I am using Apache Syncope at version 1.2.0-SNAPSHOT. I >> have noticed that it is possible, while not logged in, to browse resources >> like /roles, /schema and /resources. Is it intentional? Non admin users >> also have access to these resources. I would appreciate your help, as maybe >> there are reasons for such behaviour. >> > > Hi Marcin, > if you search our mailing list archives, you will find some discussion > about this topic: basically, some REST resources are available as anonymous > in order to enable the self-registration feature [1]. > > Anyway, as reported in our roadmap [2] (more specifically [3]), this is > going to change in 1.2.0. > > Hope this clarifies. > Regards. > > [1] https://cwiki.apache.org/**confluence/display/SYNCOPE/** > Handle+user+requests+%**28including+self+registration%**29<https://cwiki.apache.org/confluence/display/SYNCOPE/Handle+user+requests+%28including+self+registration%29> > [2] > https://cwiki.apache.org/**confluence/display/SYNCOPE/**Roadmap<https://cwiki.apache.org/confluence/display/SYNCOPE/Roadmap> > [3] > https://issues.apache.org/**jira/browse/SYNCOPE-132<https://issues.apache.org/jira/browse/SYNCOPE-132> > > -- > Francesco Chicchiriccò > > ASF Member, Apache Syncope PMC chair, Apache Cocoon PMC Member > http://people.apache.org/~**ilgrosso/<http://people.apache.org/~ilgrosso/> > >
