Changes between Initial Version and Version 2 of Ticket #293


Ignore:
Timestamp:
09.08.2012 16:02:50 (9 years ago)
Author:
jri
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #293 – Description

    initial v2  
    11Each HTTP request must pass a filter chain for authorization. The authorization check must involve the instance's ACLs entries (#262) and the user's authentication status. The user session must be represented by a server-side HTTP session whose ID is stored in a browser cookie. If request authorization fails 401 or 403 must be returned. 
     2 
     3Thanks, dgf, for pushing this topic now! 
     4and for the Spring Security hint.