[jboss-as7-dev] Independent / Orphaned Hosts
Darran Lofthouse
darran.lofthouse at jboss.com
Tue Feb 8 12:01:38 EST 2011
From some discussions today it has become apparent that we may need to
receive requests over the management APIs on hosts not currently
connected to a domain controller. The hosts may not be connected either
because the domain controller has gone or because they are a new host
not currently connected to a domain controller.
From a securing the management APIs perspective could it be reasonable
to consider this a special case and maybe approach it with a host
specific user account defined that if used to connect to the host will
only allow verification of the domain controller connection and
modification of the domain controller connection.
Anything beyond that would require a domain controller connection so
that the full configuration for management API security can be pulled
from the domain controller.
Regards,
Darran Lofthouse.
More information about the jboss-as7-dev
mailing list