[jboss-dev-forums] [Design of Messaging on JBoss (Messaging/JBoss)] - Re: Another security configuration issue
timfox
do-not-reply at jboss.com
Thu Apr 30 08:25:10 EDT 2009
"gaohoward"
What's interesting is that 'jms.topic.news.europe.europeTopic' matches both 'jms.topic.#' and 'jms.topic.news.europe.#'. So I expect
that it will return three roles: user, europe-user and news-user. But it actually returns 2 - europe-user and news-user.
[/quote wrote :
|
| Returning just europe-user and news-user would be correct.
|
| Security settings are not inherited. I.e. the more specific matching set of permissions should take precedence.
|
| We need it that way otherwise we wouldn't be able to deny any roles on a more specific match, like I mentioned in my previous post.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4227859#4227859
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4227859
More information about the jboss-dev-forums
mailing list