[jboss-jira] [JBoss JIRA] (AS7-1519) Simple Domain Management Role Based Permissions

[Joe Kemp (JIRA)]

    [ https://issues.jboss.org/browse/AS7-1519?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12761382#comment-12761382 ] 

Joe Kemp commented on AS7-1519:
-------------------------------

We are using standalone configurations but have similar concerns about multiple levels of security.  At a minimum we would like to be able to secure the management interfaces (Administrative Console and JMX) with the following three levels:

Read Only
Operation - Deploy/Undeploy Enable/Disable Deployments.  No configuration changes are permitted.
Administrator - Full Access

We use LDAP so ideally these levels could be tied to LDAP groups.
                
> Simple Domain Management Role Based Permissions
> -----------------------------------------------
>
>                 Key: AS7-1519
>                 URL: https://issues.jboss.org/browse/AS7-1519
>             Project: Application Server 7
>          Issue Type: Sub-task
>          Components: Domain Management, Security
>    Affects Versions: 7.0.0.Final
>            Reporter: Darran Lofthouse
>            Assignee: Darran Lofthouse
>              Labels: Authorization
>             Fix For: 8.0.0.Alpha1
>
>
> Implement some coarse permissions for domain operations.  Possibly allowing a break down for subsystem, profile, server, server-group - maybe read - write - execute. 
> Also consider confidentiality in exchange e.g. Can read metrics over http but must use https to add new server.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira