[jboss-dev-forums] [Management Development] New message: "Re: How to impose role based security through management objects/profile service"
John Mazzitelli
do-not-reply at jboss.com
Fri Jan 8 16:09:21 EST 2010
JBoss development,
A new message was posted in the thread "How to impose role based security through management objects/profile service":
http://community.jboss.org/message/519055#519055
Author : John Mazzitelli
Profile : http://community.jboss.org/people/mazz
Message:
--------------------------------------------------------------
I can tell you how JON does it. The security model is wrapped around the abstract management model (in other words, JON relies on its own security mechanism, as opposed to relying on JBossAS security to do things like prohibit invoking operations or configuring things - this is how JON allows for the same security model to secure all types of managed resources in a generic way).
http://rhq-project.org/display/JOPR2/Security+Model
That link shows the different times of security permissions you can get. So, its possible you can view a resource but you can't do things like configure it or run operations on it. But again, this is at a layer above JBossAS (its at the management platform layer).
I'm not sure if this is helpful, but that's what it is wrt JON.
--------------------------------------------------------------
To reply to this message visit the message page: http://community.jboss.org/message/519055#519055
More information about the jboss-dev-forums
mailing list