Bugzilla – Full Text Bug Listing
| Summary: | [Security] Provide console command to add users with passwords | ||
|---|---|---|---|
| Product: | [Modeling] EMF | Reporter: | Esteban DUGUEPEROUX <esteban.dugueperoux> |
| Component: | cdo.core | Assignee: | Eike Stepper <stepper> |
| Status: | CLOSED FIXED | QA Contact: | Eike Stepper <stepper> |
| Severity: | enhancement | ||
| Priority: | P3 | CC: | stepper |
| Version: | 4.3 | ||
| Target Milestone: | --- | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Bug Depends on: | 417300 | ||
| Bug Blocks: | |||
|
Description
Esteban DUGUEPEROUX
The security model and framework assume that write access always includes read access, as well. I think that's normally okay but the security model's own UserPassword class is a little different. Administrators should be able to write to it (ideally just reset it to a value which gets only known to the user, not the admin!) but never read it. As explained above we can't implement/declare this special access (write/no read) in the model. Rather we need to handle this case separately in the framework ;-( I'm closing this bug as wontfix, but made the scope of bug 399306 broader instead. Ok I understand your point of view. Thanks. We have get around by using our own securityManager extending the default one and overriding createRealm(), thanks again :) I'm working on a console command that may help in the meantime. ---CDO commands--- cdo adduser <repository-name> <username> [<password>] - adds a user to the security realm of a repository commit 60c44e19b2b7cd168e55948d7ad18c2fa65d91e0 Closing. Closing. |