Uploaded image for project: 'Teiid Spring Boot'
  1. Teiid Spring Boot
  2. TEIIDSB-85

Remove the need for an odata role

This issue belongs to an archived project. You can view it, but you can't modify it. Learn more

XMLWordPrintable

    • Icon: Quality Risk Quality Risk
    • Resolution: Done
    • Icon: Major Major
    • 1.1.0
    • None
    • None
    • None

      The odata access role was carried forward from Teiid to Teiid Spring Boot. We should rethink this.

      I think the reason it was originally added was for installs that were not using data roles it ensured that odata access was not wide open. It also introduced the complexity that it could be using a different security domain that the default.

      It's simplest to just remove the role requirement. As we've refined things we now are using the same realm through out and a single client for both odata and pg/jdbc access. Since it's very easy to add grant all roles to properly permissioned users or simple grant all read-only access, it does not seem necessary to further restrict odata access at the teiid level.

              rhn-engineering-shawkins Steven Hawkins
              rhn-engineering-shawkins Steven Hawkins
              Archiver:
              rhn-support-adandapa Aitik Dandapat (Inactive)

                Created:
                Updated:
                Resolved:
                Archived: