Details

      Description

      Previously we were able to detect in-vm calls as they did not have a Subject established on the AccessControlContext.

      Switching to WildFly Elytron we are guaranteed to always have a SecurityIdentity as by default an anonymous one will always be created.

      This task is to add an API for in-vm calls backed by security manager based permission checks to allow tasks to be executed "bypassing" access control. Our default implementation is role based so this bypass will work by assuming the SuperUser role.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                dlofthouse Darran Lofthouse
                Reporter:
                dlofthouse Darran Lofthouse
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: