NARAYANA Member since 2010 23 posts
Posted: 2 years ago
Last activity: 2 years 7 months ago

Query on attribute based access control (ABAC) - from LSA course content

Hello, Can any of you please elaborate the following limitations of the ABAC authorization configuration?

  1. Access control policies defined on Data- classes are not enforced in search queries ( Search queries??? )
  2. Only read policies are enforced in custom SQL. (does this mean, update/delete using an RDB query would work even if RBAC config doesn't allow update/delete?)
  3. Advanced search queries (for example, search queries that reference specific properties such as pxObjClass:Work-MyProperty AND CustomerName:MyCorp) are not allowed when access control policies are defined on any Assign-, Data-, or Work- classes.

Thank you!

Pega Academy
Moderation Team has archived post
Share this page LinkedIn