[Acceptance Criteria Only] Verify all authentication schemas

Description

Authentication schemas that have to be tested:

Activity

Show:
All Replies
May 11, 2018, 4:15 PM

[This comment has been reassigned to allreplies@alfresco.com as part of the Alfresco cloud migration project. The author of this comment was ctopala] Verified using https://bamboo.alfresco.com/bamboo/browse/ACT-ABS395-40

All Replies
May 11, 2018, 4:21 PM

[This comment has been reassigned to allreplies@alfresco.com as part of the Alfresco cloud migration project. The author of this comment was ctopala] What do we think about the following scenario: when impersonating an user that doesn't exist in APS, the call goes through without any problems.

User1 exists in APS and Keycloak.

User2 exists only in APS.

User1 impersonates User2 to perform a Rest call.

This is probably an isolated case, as users will most likely be synced to APS, but in the remote case that an user exists only in APS and it's impersonated, do we want to block the impersonation or do we leave it as it is? 

All Replies
October 31, 2020, 12:18 PM

[This issue has been reassigned to allreplies@alfresco.com as part of the Alfresco cloud migration project. The reporter of this issue was rspatariu]

Resolved

Assignee

Unassigned

Reporter

All Replies

Labels

None

Delivery Team

None

Release Train

None

Sprint

None

Priority

Unprioritized