Brian Stansberry [
https://community.jboss.org/people/brian.stansberry] commented on the
document
"Access control notes"
To view all comments on this document, visit:
https://community.jboss.org/docs/DOC-48596#comment-11948
--------------------------------------------------
Anil Saldhana wrote:
> Heiko Braun wrote:
>
>
> talking to darran: it seems the secuirty subsystem is only used for application
level security and clearly separated from the adminstrative secuirty. Can sombody confirm
this?
>
Ideally it should be the location of all security configuration. I do encourage moving
the configuration to the security subsystem.
For a standalone server, the security-subsystem leaks out to management security via
this:
https://github.com/wildfly/wildfly/blob/master/build/src/main/resources/d...
https://github.com/wildfly/wildfly/blob/master/build/src/main/resources/d...
Basically, the management security realm can delegate to a JAAS security domain configured
in the subystem.
To consolidate all security configuration in the security "subsystem" requires
adding some sort of extension/subsystem notion to the Host Controller. But that's too
big a change to make for EAP 6.2.
--------------------------------------------------