Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Next »

[08:23:56 CST(-0600)] <TonyUnicon> good morning Patty, did you schedule the meeting for today? I didn't get anything

[08:25:11 CST(-0600)] <Patty_> on the list of to-dos for this morning

[08:25:16 CST(-0600)] <Patty_> I will send here in a bit

[09:35:49 CST(-0600)] <TonyUnicon> good morning Dan, I have a question about the security stuff

[09:36:03 CST(-0600)] <TonyUnicon> for unauthenticated mode

[09:36:17 CST(-0600)] <dmccallum54> k

[09:36:19 CST(-0600)] <TonyUnicon> how do we allow these requests when a user is not signed in

[09:36:28 CST(-0600)] <TonyUnicon> is it possible?

[09:37:01 CST(-0600)] <dmccallum54> i think so. one sec.

[09:44:58 CST(-0600)] <TonyUnicon> also, what is the mvn goal to minify javascript? it does not seem to do it on install

[09:46:44 CST(-0600)] <dmccallum54> ok… security… there are a few different url spaces for mygps right… there's the fragment space (owned by the portal), there's the api space, and there's the portal-independent UI space

[09:48:07 CST(-0600)] <dmccallum54> for the fragment space, you're never going to be accessing that anonymously, right? you'd only be going that route if you've decided you need to authenticate and the portal needs somewhere to redirect you. so we might not need to do anything special there

[09:49:55 CST(-0600)] <dmccallum54> for the API space… i dont see any special interceptors configured for that space… which means security should depend entirely on method-level annotations. so i think we'd just need to go through those and figure out which ones can/should be accessible anonymously

  • No labels