Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-272 Jsecurity Integration
  3. NEXUS-410

JSEC: Authentication should take user status into account

    XMLWordPrintable

    Details

    • Type: Sub-task
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.0-beta
    • Component/s: None
    • Labels:
      None

      Description

      The user's status should be checked when authenticate.

      if active, everything is a-ok

      if disabled, authentication should fail
      if expired, authentication should suceed, but authorizations will fail? (not quite sure how to handle this case, as we need to let the user send the change password rest call)
      if locked, authenticiation should fail (w/ a notification of locked back to calling party)

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            Anonymous Anonymous
            Last Updated By:
            Peter Lynch Peter Lynch
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 3h
                3h

                  tigCommentSecurity.panel-title