Hi, and thanks for maintaining WISE.
I am the new systems operator for NTNU TWISE, a WISE deployment in Taiwan. While getting familiar with the codebase I did a focused review of the authentication and access control code and found a handful of issues. I have opened a small, self-contained pull request for each so they are easy to review or decline individually. All are branched off the latest develop, follow the existing commit conventions, and build on JDK 17. I am happy to rebase, split, combine, or adjust any of them.
Ready for review (small, contained, no behavior change for normal users):
Proposals that change runtime behavior, opened as drafts because they need verification on a running instance:
For the two drafts I am happy to provide staging evidence or to narrow the scope. The WebSocket same-origin change is intentionally left out of #327.
No rush at all, and please feel free to close anything that does not fit the project's direction. Thank you for taking a look.
Hi, and thanks for maintaining WISE.
I am the new systems operator for NTNU TWISE, a WISE deployment in Taiwan. While getting familiar with the codebase I did a focused review of the authentication and access control code and found a handful of issues. I have opened a small, self-contained pull request for each so they are easy to review or decline individually. All are branched off the latest
develop, follow the existing commit conventions, and build on JDK 17. I am happy to rebase, split, combine, or adjust any of them.Ready for review (small, contained, no behavior change for normal users):
/admin/**rule)Proposals that change runtime behavior, opened as drafts because they need verification on a running instance:
For the two drafts I am happy to provide staging evidence or to narrow the scope. The WebSocket same-origin change is intentionally left out of #327.
No rush at all, and please feel free to close anything that does not fit the project's direction. Thank you for taking a look.