Details

    • Type: Quality Risk
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 1.1.0
    • Component/s: None
    • Labels:
      None

      Description

      The odata access role was carried forward from Teiid to Teiid Spring Boot. We should rethink this.

      I think the reason it was originally added was for installs that were not using data roles it ensured that odata access was not wide open. It also introduced the complexity that it could be using a different security domain that the default.

      It's simplest to just remove the role requirement. As we've refined things we now are using the same realm through out and a single client for both odata and pg/jdbc access. Since it's very easy to add grant all roles to properly permissioned users or simple grant all read-only access, it does not seem necessary to further restrict odata access at the teiid level.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                shawkins Steven Hawkins
                Reporter:
                shawkins Steven Hawkins
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: