Uploaded image for project: 'Infinispan'
  1. Infinispan
  2. ISPN-9704

REST fine grained security support

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Unresolved
    • Major
    • None
    • None
    • None
    • None

    Description

      Currently the REST server requires authentication but does not offer authorization capabilities. The new REST API described in ISPN-8535 requires that invocations on resources can be restricted on a per user/role basis.

      Examples:
      /GET on /rest/v2/

      {cacheName} should be allowed for all authenticated users

      /POST on /rest/v2/{cacheName}

      should be restricted to users having the ADMIN role

      Role MONITOR could have permission only to do GET on /rest/v2/caches/mycache/stats

      Attachments

        Issue Links

          relates to

          Enhancement - An enhancement to or refactoring of existing functionality that is not configurable by an end user (typically a change made by an internal team that affects users) ISPN-8736 REST endpoint authorization

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Enhancement - An enhancement to or refactoring of existing functionality that is not configurable by an end user (typically a change made by an internal team that affects users) ISPN-9688 Internal REST server modularization

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              Unassigned Unassigned
              gfernand@redhat.com Gustavo Fernandes (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: