JBoss Community

AS 7.1.0 Beta1 - Security Enabled By Default

new comment by Vedran Mikulcic View all comments on this document

How does the web management application authenticate users then? I'm building an web service that will enable users to add and remove JNDI datasources remotely and, if possible, would like to use that same mechanism to allow this only to the users that know their jboss credentials.

 

Removing access from the auth folder works (i.e. only then ModelControllerClient.Factory.create actually throws an exception on wrong credentials), but mantaining that on 500+ JBoss instalations on various platforms would be a nightmare.

 

Any help would be most appreciated :)