[jboss-as7-dev] Securing the Console
Heiko W.Rupp
hrupp at redhat.com
Fri Jan 21 12:04:46 EST 2011
On 21.01.2011 at 16:20, Brian Stansberry wrote:
> To me, "simple permissions" means if you can authenticate as an admin,
> you're root. Everything else below is "complex permissions."
One may (as we discussed on the phone iirc) have three categories:
- root
- deploy + view
- view only
If the REST verbs were used, GET could be filtered for read-only,
and all allowed for root - and the deploy role would need some
filtering on the URL.
But then URLs could also be constructed in a way like
/metric/domain/x/subsystem/y/...
/deploy/server-group/x/..
/<other>/....
Which can relatively easily be matched to the above three roles.
But then I am fine with "root" - only being present
pilhuhn
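
An added illustration of the three-role scheme proposed in this message, not code from the thread or from JBoss AS: a default-deny check that maps role, HTTP verb and URL prefix to a decision. The role names, the function names, the treatment of HEAD as read-only and the path normalization step are assumptions of this sketch.

```python
import posixpath
from urllib.parse import unquote

READ_ONLY = {"GET", "HEAD"}   # assumption: the message names only GET
DEPLOY_ROOT = "/deploy"       # prefix taken from the URL layout in the message


def normalize(path):
    """Decode once and collapse dot segments so the prefix check sees the
    resource that would actually be addressed. Returns None if malformed."""
    decoded = unquote(path)
    # A '%' left after one decode means double encoding; refuse rather than
    # guess (conservative: this also rejects a literal '%' in a path).
    if "%" in decoded or "\x00" in decoded or not decoded.startswith("/"):
        return None
    return posixpath.normpath("/" + decoded.lstrip("/"))


def is_allowed(role, method, path):
    """Decide a request for one of the roles: root, deploy (deploy + view),
    view (view only). Anything not explicitly permitted is denied."""
    target = normalize(path)
    if target is None:
        return False
    if role == "root":
        return True                       # root: all verbs, all URLs
    if method.upper() in READ_ONLY:
        return role in ("deploy", "view")  # both lower roles may view
    if role == "deploy":
        # Writes only under /deploy/...; compare on a segment boundary so
        # a sibling such as /deployments does not match.
        return target == DEPLOY_ROOT or target.startswith(DEPLOY_ROOT + "/")
    return False                          # view-only writes, unknown roles


if __name__ == "__main__":
    # Constructed sample requests, not taken from the thread.
    samples = [
        ("view", "GET", "/metric/domain/x/subsystem/y"),
        ("view", "POST", "/deploy/server-group/x"),
        ("deploy", "POST", "/deploy/server-group/x"),
        ("deploy", "POST", "/deploy/../metric/domain/x"),
        ("root", "DELETE", "/metric/domain/x"),
    ]
    for role, method, path in samples:
        print(role, method, path, "->", is_allowed(role, method, path))
```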