Ticket #182 (new defect)

Opened 2 years ago

Last modified 10 months ago

CAS email lookup service needs to be secured

Reported by: stevec Assigned to: rich
Priority: unassigned Milestone:
Component: ambra Version: 0.5-SNAPSHOT
Keywords: Cc:
Blocking: Blocked By:

Description

The "email lookup by GUID" service on CAS needs to be restricted either to internal PLoS ONE servers only or to the user making the call. Seems like we can make use of the PGT and wrap a call to the verification servlet, take the GUID, to the lookup, and pass back the email.

Dependency Graph

Change History

03/26/07 15:01:10 changed by amit

  • owner changed from viru to stevec.

Steve, assigning this back to you. I think we have taken care of this, but just to be sure.

03/26/07 15:11:26 changed by stevec

no, this has not been taken care of.

08/07/07 16:25:51 changed by

  • milestone deleted.

Milestone Bugs deleted

10/29/07 20:37:07 changed by amit

  • owner changed from stevec to russ.

02/13/08 16:40:35 changed by russ

  • status changed from new to closed.
  • resolution set to fixed.

02/13/08 16:40:42 changed by russ

  • status changed from closed to reopened.
  • resolution deleted.

02/13/08 16:40:49 changed by russ

  • owner deleted.
  • status changed from reopened to new.

03/18/08 08:49:29 changed by amit

  • owner set to rich.