Re: [jboss-as7-dev] Out of the Box - Management API Security

----- Original Message ----- > From: "Darran Lofthouse"<darran.lofthouse(a)jboss.com> > To: jboss-as7-dev(a)lists.jboss.org > Sent: Monday, February 7, 2011 7:26:39 AM > Subject: [jboss-as7-dev] Out of the Box - Management API Security > From the requirements the APIs used to access the server need to be > secured and there also needs to be the possibility of integrating with > existing infrastructure - however what do we need for the out of the > box > experience? > > Within prior AS releases default security configuration would > generally > be provided using login modules that read the users, their password > and > their roles from properties files. These files would be static and for > updates they would need to be edited by hand. > > For AS7 would we also use a statically defined approach like this or > for > the out of the box security configuration would we be looking for an > approach where the users and their roles can also be configured > through > the management APIs? I would personally love to see the properties files disappear. It has always felt crude. Andy > > Regards, > Darran Lofthouse. > _______________________________________________ > jboss-as7-dev mailing list > jboss-as7-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/jboss-as7-dev