JBoss Community

RBAC Usecases

modified by Heiko Braun in JBoss AS 7 Development - View the full document
NameDescription<Reject/Accept>
Restricting access to server groups

Configuration: Server groups: "production", "staging". roles: "admin", "developer"

 

Goal: Restrict access to the production group to the "admin" role in to prevent messing with the production system

 

Implications: Server groups are part of the model but also a logical concept. I.e. restricting access to a group does imply preventing access to conceptually related entities like servers, deployments, etc.


Support clients & tools that provide their own security model

Configuration: See JON User Guide

 

Goal: Allow interaction with systems that provide their own authorization scheme

 

Implications: Systems like JON, that provide their own scheme currently can only operate the super user level


Restrict visibility of attributesSuppress attributes on responses, i.e. read-resourcearguable
Restrict visibility of operationsSuppress operations on reponses, i.e. read-operation-namesarguable
Prevent execution of operationsExecution of operations with permissions yields a security exception

 

 

 

 

 

 

 

 

 

 

 

 


Comment by going to Community

Create a new document in JBoss AS 7 Development at Community