Re: [jboss-as7-dev] Out of the Box - Management API Security

From: "Darran Lofthouse" <darran.lofthouse(a)jboss.com&gt; To: jboss-as7-dev(a)lists.jboss.org Sent: Monday, February 7, 2011 7:26:39 AM Subject: [jboss-as7-dev] Out of the Box - Management API Security From the requirements the APIs used to access the server need to be secured and there also needs to be the possibility of integrating with existing infrastructure - however what do we need for the out of the box experience? Within prior AS releases default security configuration would generally be provided using login modules that read the users, their password and their roles from properties files. These files would be static and for updates they would need to be edited by hand. For AS7 would we also use a statically defined approach like this or for the out of the box security configuration would we be looking for an approach where the users and their roles can also be configured through the management APIs?

Regards, Darran Lofthouse. _______________________________________________ jboss-as7-dev mailing list jboss-as7-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-as7-dev