Heiko Braun [
https://community.jboss.org/people/heiko.braun] commented on the document
"Access control notes"
To view all comments on this document, visit:
https://community.jboss.org/docs/DOC-48596#comment-11924
--------------------------------------------------
This in turn implies to me that anything server side needs to be more
than just enforcement i.e. performing an authorization check at the time of an attempt to
access the model / execute an operation is the bare minimum - we potentially need to be
able to go beyond this to pro-actively identify what can or can not be accessed.
Enforcement might be a misleading term, but this is what I meant, when talkig
about the CLI and the Console. Somehow clients need to bootstrap themselves from the model
in order to suppress interaction elements.
--------------------------------------------------