Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

LDAP issues denying access to scopes.

Description

A few related issues, when trying to deny permission to a scope.

Ticking 'Deny Read' on a scope for "Authenticated Users" issues a message "WsAccess.PermissionAction
Please don't set deny permissions for Administrators or Authenticated Users"

It is not clear whether this is an error or a warning.
The tick remains ticked.

It should clearer if error or warning.

But I am not sure of the logic either way. i.e. why should an admin not be able to deny read on a scope to the Authenticated Users group ?

Conclusion

None

Activity

Show:

Russ Whitehead March 1, 2017 at 4:04 PM

Administrators and Authenticated Users are LDAP controlled groups which we do not create. By definition all users are a member of Authenticated Users, so denying them access to any resource means nobody will ever be able to access it (a single DENY overrides all ALLOWS).

The UI behavior is incorrect in that it should uncheck those boxes when the error occurs

Richard Chapman March 1, 2017 at 3:15 PM

Can you comment?

Jacob Cobbett-Smith February 17, 2017 at 4:49 PM

- it may just be a matter of clearing up the message and docs.

Could you clarify what's going on here, what should happen?

Fixed
Pinned fields
Click on the next to a field label to start pinning.

Details

Components

Assignee

Reporter

Priority

Fix versions

Pull Request URL

https://github.com/hpcc-systems/HPCC-Platform/pull/10895

Created February 17, 2017 at 4:48 PM
Updated March 1, 2018 at 1:25 PM
Resolved March 1, 2018 at 1:25 PM