Matthias Hanel 99921725a9 Ensuring that an untrusted account is not held in memory ...

The check that an account has to be signed by a configured operator is
done after fetch as well. As a consequence an account claim will never
become an Account in memory.
The original check during client or leaf authentication is left in
place.

Adding unit tests.
Modifying existing tests to not rely on an account but it's name instead.

Signed-off-by: Matthias Hanel <mh@synadia.com>

2020-07-27 11:59:49 -04:00

19 KiB

Raw Blame History

View Raw