[jboss-as7-dev] Securing the Console

[Darran Lofthouse]

On 01/25/2011 08:41 AM, Heiko Braun wrote:
> a) One for the client server communication (which operation can a 'role' invoke?)
> b) another one discriminating which parts of the UI the user actually gets to see.

We do need to be careful that the console itself doesn't attempt to 
perform it's own restrictions with it's own authorization checking as 
this can become quite easy for administrators to become dependent on and 
not realise that their users can bypass this and call the APIs directly.

Also based on past experience I think we want to be able to document the 
security once and for it to then apply equally to all management APIs.

 From the perspective of the console I think this should be considered 
more from the point of preventing users wasting their time performing 
operations in the console that will subsequently fail when applied.

I am going to go through the example Brian has now committed to take a 
better look at these potential calls but I am wondering if it would make 
sense to have some form of "What can I do here?" or "What operations am 
I allowed to call?" calls for the console to be able to discover this?

Another aspect to consider is that values in the model can be described 
as "read only" and "read write" - would it make sense for this to also 
reflect what the user can actually do or maybe even add a "read write - 
but not for you".

Regards,
Darran Lofthouse.