Bug 3224 - CAS expects objects with exact name match to be enrolled prior to assertion generation
: CAS expects objects with exact name match to be enrolled prior to assertion g...
Status: RESOLVED FIXED
: CAS/SAML utilities
CAS
: development
: PC Windows XP
: P3 normal
: ---
Assigned To:
:
:
:
:
  Show dependency treegraph
 
Reported: 2005-04-25 14:57 by
Modified: 2005-05-02 11:26 (History)


Attachments
Patch to fix this bug (3.33 KB, patch)
2005-04-25 14:58, Rachana Ananthakrishnan
Details


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2005-04-25 14:57:10
Currently, if an assertion is requested on object, it is required to be 
enrolled in the CAS database, even if rights have been granted for the 
object because of policy on some other object (like if a wildcard condition 
covers it). For example, if I have permission to file/read on ftp://some/dir/*, 
then to get an assertion for ftp://some/dir/foo, I need to enroll it as an 
object. I need not have explicit permission for ftp://some/dir/foo though.
------- Comment #1 From 2005-04-25 14:58:12 -------
Created an attachment (id=591) [details]
Patch to fix this bug
------- Comment #2 From 2005-05-02 11:26:14 -------
Fix committed to trunk and globus_4_0_branch