What do you think about automatically give guest access to jGuardFilter URIs (except for indexURI)?
In other words, jGuardFilter's URIs (except indexURI) would always permit access.
I don't know if it would create some kind of side effect ...
- Inácio Ferrarini.
i'm agree with you... and it is already implemented in jGuard 1.1 release!
some details of the implementation:
"always granted permissions" are registered from:
- ProvisioningServicePoint (registerPermission and registerProcessPermission)
- AuthenticationBindings (authenticationFailedPermission, logonPorcessPermission,LogonPermission,indexPermission, logoffPermission).
depending on the web framework, it can match an URI (URLPermission with HttpServlet-based framework like Struts), or another resource (JSFPermission and so on...).
Hi, Charles and Inácio!
I don't agree in granting registerPermission and registerProcessPermission automatically. I think that in some cases a System Administrator maybe wouldn't like to give users access to self registration to avoid spamers or anything else.
For AuthenticationBindings I agree with you.
to be precise, the mechanism is present in PolicyEnforcementPoint class, in the constructor:
you can see that if the ProvisioningServicePoint implementation is not set, (like in the use case explained by André), no registerPermission nor RegisterProcessPermission is granted.
so, if you don't configure a ProvisioningServicePoint, your need will be fullfilled.
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.