Darran Lofthouse [
https://community.jboss.org/people/dlofthouse] commented on the
document
"Access control notes"
To view all comments on this document, visit:
https://community.jboss.org/docs/DOC-48596#comment-11919
--------------------------------------------------
In the general tasks section there are a couple of lines mentioning "Enforce
Permissions" in web console and CLI - I would suggest there should be no mention on
client side enforcement as that is just not enforcement - all of that needs to be on the
server side.
What these clients do need is appropriate meta data to be returned to allow them to be
able to still run intuitively against the server. The alternative is each client needs to
be updated to understand the permissions model and act accordingly, the down side of this
is now we need to maintain it in multiple locations with
This in turn implies to me that anything server side needs to be more than just
enforcement i.e. performing an authorization check at the time of an attempt to access the
model / execute an operation is the bare minimum - we potentially need to be able to go
beyond this to pro-actively identify what can or can not be accessed.
As we have mentioned previously for any permissions schema to be secure it needs to be
understandable, one possibility here is to look at ways to show the effect of the
currently defined permissions scheme on the domain model. This could be something along
the lines of generating a report which visualises the tree and highlights what can and can
not be accessed by a specific user / role - alternatively social networks commonly have a
view profile as option to see what others can see, this could be a mode to consider in the
console.
Some of these items might be out of scope for this phase of development but just wanted to
raise them so we can at least take them into account.
--------------------------------------------------