XMLWordPrintable

    Details

    • Type: Sub-task
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.0-beta
    • Component/s: None
    • Labels:
      None

      Description

      A read-only realm which obtains user/role/permission mappings from NexusSecurityConfiguration. Security UI uses MutableNexusSecurityConfiguration to modify users/roles/permission mappings and specifically not a JSecurity interface.

      There are two types of permission in Nexus: application permissions and target repository permission. The application permission is a simple http request URI + http verb permission as seen in the Servlet spec. The target repository permission is checked using repository target + CRUD operation. The repository target is calculated outside of the security system and is based on a collection of repository regular expressions. Additionally, a target repository permission can be assigned to a group of targets. When the realm sees a permission for a group of targets, it will explode that group into a permission object for each target in the group (this vastly simplifies the implementation).

      This realm will use the generic JSecurity WildcardPermission for all permission checks to make integration with other security frameworks (e.g., OpenSSO) easier.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            Anonymous Anonymous
            Last Updated By:
            Peter Lynch Peter Lynch
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 11h
                11h
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 11h
                11h

                  tigCommentSecurity.panel-title