Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-1348

Client applications should only see principals which have been authorised to access the application

    XMLWordPrintable

Details

    Description

      Currently, a client application can "see" all the principals in the directories configured for that application.

      Ideally, if Allow All To Authenticate on a directory is set to False, only the principals that belong to the configured groups should be visible to the application. If Allow All To Authenticate on a directory is set to True, then the current behaviour of retrieving all groups is acceptable.

      In addition to the SSC findAllPrincipalNames() method, there should be some sort of findAllAuthenticatablePrincipalNames()

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              pkamal Partha
              Votes:
              36 Vote for this issue
              Watchers:
              38 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: