Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: 11.0.0, 11.0.1, 11.0.2, 11.0.3, 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.0.4, 13.0.0, 13.5.0
    • Fix Version/s: None
    • Component/s: documentation
    • Labels:
    • Needs backport:
      No
    • Needs QA verification:
      No
    • Functional tests:
      No
    • Are the reproduction steps defined?:
      No (add reasons in the comment)

      Description

      OpenAM 13.5.0 offers the following privileges

      Read and write access to all realm and policy properties	
      Read and write access to all log files	
      Read access to all log files	
      Write access to all log files	
      Read and write access to all configured Agents	
      Read and write access to all federation metadata configurations	
      REST calls for reading realms	
      Read and write access for policy administration (includes related REST endpoints)	
      REST calls for policy evaluation	
      REST calls for reading policies	
      REST calls for managing policies	
      REST calls for reading policy applications	
      REST calls for modifying policy applications	
      REST calls for reading policy resource types	
      REST calls for modifying policy resource types	
      REST calls for reading policy application types
      REST calls for reading environment conditions
      REST calls for reading subject conditions	
      REST calls for reading decision combiners
      REST calls for reading subject attributes
      REST calls for modifying session properties.
      

      but it's not documented in details what a specific privilege adheres to.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              bthalmayr Bernhard Thalmayr
            • Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: