[jboss-jira] [JBoss JIRA] (AS7-3405) Authorization Checks for Services over Remoting
Shaun Appleton (JIRA)
jira-events at lists.jboss.org
Tue Nov 27 05:36:22 EST 2012
[ https://issues.jboss.org/browse/AS7-3405?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12737260#comment-12737260 ]
Shaun Appleton commented on AS7-3405:
-------------------------------------
A Customer has a requirement to have roles with the ability able to create a user that will only have access in read to mbean.
So that means to allow executing some methods depending on the role:
for "reader" role: "getAttribute" "getAttributes" "getMBeanCount"
for "writer" role: "setAttribute" "setAttributes"
for "invoker" role: "isRegistered" "isInstanceOf" "getObjectInstance"
> Authorization Checks for Services over Remoting
> -----------------------------------------------
>
> Key: AS7-3405
> URL: https://issues.jboss.org/browse/AS7-3405
> Project: Application Server 7
> Issue Type: Task
> Components: Security
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Labels: Authorization
> Fix For: 7.3.0.Alpha1
>
>
> As all services are now moving to be exposed over Remoting connectors they can all be secured using the same realm. This task is to ensure each at the very least has a basis for an authorization check that can be extended for more complex service specific requirements.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list