Secure profile service access ----------------------------- Key: TEIID-1055 URL: https://jira.jboss.org/jira/browse/TEIID-1055 Project: Teiid Issue Type: Task Components: AdminApi Affects Versions: 7.0 Reporter: Ramesh Reddy Fix For: 7.0 As of 7.0 M3 release, the "Profile Service" access is not secure. Currently the JOPR plug-in and Teiid Admin API, force users to authenticate with "jmx-console" security domain, both these do not prevent the direct access to the "Profile Service" EJB directly. Profile Service can be deployed as secure EJB, such that it would require a login context to be authenticated before user has access to this bean. This needs to be configured and tested. Also document, how to configure the profile service as secure service. Also, AdminFactory class, which provides Admin connections, need to work with secure "Profile Service". -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira