Project based security - Forum

Project based security

Project based security	Greg Parker	1/28/11 4:43 PM
RE: Project based security	Torsten Stolpmann	1/28/11 4:43 PM

Greg Parker Rank: Youngling Posts: 1 Join Date: 8/25/10 Recent Posts	Project based security 1/28/11 4:43 PM Does Klaros support project based security? It appears to me that once a user has been created, that user has access to all projects. There also appears to be a security bug related to creating users. I created an account with the role "tester". I logged in with this account and was able to create other users. I couldn't see the other users until I logged back in with an account with the admin role.
	Flag Please sign in to flag this as inappropriate. Top

Torsten Stolpmann Rank: Jedi Master Posts: 299 Join Date: 2/12/09 Recent Posts	RE: Project based security 1/28/11 4:43 PM as a reply to Greg Parker. Hi Greg, Does Klaros support project based security? It appears to me that once a user has been created, that user has access to all projects. Not in its current state. The currently implemented authorization scheme is definitely lacking in this area. I opened a feature request for this (KLAROS-955 - Support a project based authorization scheme). With the release of 3.0 we are beginning to concentrate on advanced features like this one, expect this to be an Enterprise Edition only feature. I created an account with the role "tester". I logged in with this account and was able to create other users. This is a known regression introduced in 3.0 (tester/manager roles are interchanged here) which is already fixed towards the upcoming 3.1. I couldn't see the other users until I logged back in with an account with the admin role. This is the intended behavior at the moment, but seems to confuse a lot of people (You are only able to see users with a lower role or yourself). We see if we find a better solution here. Thanks for your feedback! Regards Torsten
	Flag Please sign in to flag this as inappropriate. Top