[wildfly-dev] WFLY-705: how should access restrictions get configured?

Hi I'm trying to come up with implementation for https://issues.jboss.org/browse/WFLY-705 where a user should be able to restrict access to the management service by IP and UserAgent. The filters are implemented and now I'm up to come up with the configuration options. I'm thus asking for input. From a noob (sorry, I'm not very intimate with wildfly/undertow yet) perspective <access-control> looks like a compelling tag to be nested into <management-interfaces><http-interface>. Even though <access-control> is used for RBAC currently, the code for it looks abstract enough to get reused. Any ideas? Cheers André