New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Riak security permission not inherited correctly. #469
Comments
Additional steps taken to try and grant this permission to the
|
OK, it appears that sources are not inherited, as this command fixes the initial issue:
I'm not sure if roles should also cause sources to be inherited. |
I don't think sources should be inherited, authentication is seperate from authorization. |
Doesn't the current behavior require many |
The stacktrace should be fixed, however. |
I guess my concern is that it becomes a lot less clear what source a user is using to log in if we allow sources to be inherited. It also opens up the issue of figuring out which source should be used, in the case where multiple ones are found that match the user. |
OK great we'll get this documented ... paging @lucperkins I can test the stacktrace fix whenever its available. Thanks! |
By the way, what version of Riak threw that stacktrace, was it something recent? |
2.0.0pre10 |
Fix for the stack trace is linked to this issue. |
Authentication records in http://www.postgresql.org/docs/9.3/static/auth-pg-hba-conf.html
|
Good point. I would be OK with implementing the + syntax. My main concern was it being implicit. |
But it will not make 2.0. |
@Vagabond milestone added for 2.0.1 |
Testing 2.0.0pre10.
Expected: retrieving
default
bucket type properties aslbakken
user should work sincelbakken
is in theadmin
role, andriak_core.get_bucket_type
permission has been granted toadmin
role.Observed:
lbakken
user is denied permission, however,admin
user (once given password), can retrieve the data.The text was updated successfully, but these errors were encountered: