attributes being returned without any authorizations for DB users only

Topics: General Topic
Oct 1, 2014 at 5:07 PM

I'm working on implementing NetSqlAzMan in my project, and I've noticed an odd behavior.. I make use of attributes attached to Roles heavily.

What I have noticed is that if the user is an Active Directory user, then only the attributes for roles that the user is authorized higher than Neutral in are returned.

If, however, the user is a DB user, then all attributes from all roles are returned, even though the user is not authorized above Neutral in any role.

Is this expected? Am I missing something? Do others see this behavior?


Oct 16, 2014 at 6:22 PM
I was able to solve this -- in looking at the code, there is quite a bit of code duplication between the Windows user auth checks vs the DB user auth checks.. It looks like the fix for only returning attributes from authorized entries was added to the Windows check function, but not the DB user check function. I copied the code down, and the library started working the way I expect.

How can I submit a patch to be integrated upstream?


Oct 20, 2014 at 6:47 AM
please use "Source Code" / "Patches" to submit patches.
Ty for your work.