[jboss-dev-forums] [JBoss AS 7 Development] - Access control notes
Heiko Braun
do-not-reply at jboss.com
Mon Apr 22 02:36:30 EDT 2013
Heiko Braun [https://community.jboss.org/people/heiko.braun] commented on the document
"Access control notes"
To view all comments on this document, visit: https://community.jboss.org/docs/DOC-48596#comment-11924
--------------------------------------------------
> This in turn implies to me that anything server side needs to be more than just enforcement i.e. performing an authorization check at the time of an attempt to access the model / execute an operation is the bare minimum - we potentially need to be able to go beyond this to pro-actively identify what can or can not be accessed.
>
Enforcement might be a misleading term, but this is what I meant, when talkig about the CLI and the Console. Somehow clients need to bootstrap themselves from the model in order to suppress interaction elements.
--------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20130422/eaab3684/attachment.html
More information about the jboss-dev-forums
mailing list