Feature #8544
If no role is authenticated, an "Anonymous" role should be returned.
| Status: | Resolved | Start date: | 2010-06-29 | |
|---|---|---|---|---|
| Priority: | Should have | Due date: | ||
| Assigned To: | Andreas Förthner | % Done: | 100% |
|
| Category: | Security | |||
| Target version: | TYPO3 Flow Base Distribution - 1.0 alpha 10 | |||
| PHP Version: | Complexity: | |||
| Has patch: |
Description
This can be done in the security context, by returning a fixed role, when no other role is authenticated.
Associated revisions
[+FEATURE] FLOW3 (Security): Implemented the "Everybody" role that is always applied in the security context and configured in the policy. Resolves #8544.
History
#1 Updated by Andreas Förthner about 5 years ago
After discussing this we came to the following conclustion:
- You will always have a role called "Everybody", no matter, if you are authenticated or not.
- This role will be set in the policy by the policy service. So it is not overwriteable.
#2 Updated by Andreas Förthner about 5 years ago
- Status changed from Accepted to Resolved
- % Done changed from 0 to 100
Applied in changeset r4761.
#3 Updated by Karsten Dambekalns about 5 years ago
- Target version set to 1.0 alpha 10