Crowd / CWD-1348

Client applications should only see principals which have been authorised to access the application


    Details

      Description

      Currently, a client application can "see" all the principals in the directories configured for that application.

      Ideally, if Allow All To Authenticate on a directory is set to False, only the principals that belong to the configured groups should be visible to the application. If Allow All To Authenticate on a directory is set to True, then the current behaviour of retrieving all groups is acceptable.

      In addition to the SSC findAllPrincipalNames() method, there should be some sort of findAllAuthenticatablePrincipalNames().

              People

              Assignee:
              Unassigned
              Reporter:
              pkamal Partha Kamal
              Votes:
              36
              Watchers:
              39
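
The visibility rule requested in the description, as an added example (not code from Crowd or from the reporter): a self-contained Java 16+ model in which `DirectoryMapping`, its fields and the sample data are hypothetical and constructed here. Only the two method names are taken from the issue text.

```java
import java.util.*;

// Added illustration. Every type here is hypothetical; this is not Crowd's API.
public class AuthenticatablePrincipals {

    // One directory mapped to a client application (constructed model).
    record DirectoryMapping(String name,
                            boolean allowAllToAuthenticate,
                            Set<String> authorisedGroups,
                            Map<String, Set<String>> groupsByPrincipal) {}

    // Behaviour the issue describes today: every principal in every mapped directory.
    static SortedSet<String> findAllPrincipalNames(List<DirectoryMapping> mappings) {
        SortedSet<String> names = new TreeSet<>();
        for (DirectoryMapping m : mappings) {
            names.addAll(m.groupsByPrincipal().keySet());
        }
        return names;
    }

    // Behaviour the issue asks for: when allowAllToAuthenticate is false, a principal
    // is visible only if it belongs to at least one group configured for the mapping.
    static SortedSet<String> findAllAuthenticatablePrincipalNames(List<DirectoryMapping> mappings) {
        SortedSet<String> names = new TreeSet<>();
        for (DirectoryMapping m : mappings) {
            for (Map.Entry<String, Set<String>> e : m.groupsByPrincipal().entrySet()) {
                boolean inAuthorisedGroup =
                        !Collections.disjoint(e.getValue(), m.authorisedGroups());
                if (m.allowAllToAuthenticate() || inAuthorisedGroup) {
                    names.add(e.getKey());
                }
            }
        }
        return names;
    }

    public static void main(String[] args) {
        // Constructed sample data: one restricted directory, one open directory.
        DirectoryMapping staff = new DirectoryMapping("staff", false,
                Set.of("app-users"),
                Map.of("alice", Set.of("app-users"),
                       "bob", Set.of("finance"),
                       "carol", Set.<String>of()));
        DirectoryMapping partners = new DirectoryMapping("partners", true,
                Set.<String>of(),
                Map.of("dave", Set.<String>of()));
        List<DirectoryMapping> mappings = List.of(staff, partners);

        System.out.println("all principals:  " + findAllPrincipalNames(mappings));
        System.out.println("authenticatable: " + findAllAuthenticatablePrincipalNames(mappings));
    }
}
```

With this sample data the second call omits `bob` and `carol`, who exist in the restricted directory but are in none of its authorised groups.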
