[teiid-issues] [JBoss JIRA] (TEIID-2948) Implement Access Controls on management operations in Teiid
Ramesh Reddy (JIRA)
issues at jboss.org
Fri May 9 08:59:56 EDT 2014
[ https://issues.jboss.org/browse/TEIID-2948?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ramesh Reddy resolved TEIID-2948.
---------------------------------
Resolution: Done
Based on instructions,
* Translator and Transport have been defined as application based resources
* All the sensitive information in the configuration is marked as such. So a person with out in sufficient privileges will not be able to see certain properties
* Marked all the operations on Teiid that do modifications to runtime state as such, which will be considered as write sensitive operations and authorized as such
Note that RBAC features are by default turned OFF in EAP. However in the case when the user turns these on, Designer and other tooling such as web-console need to use users with sufficient privileges to carry out tasks. Otherwise they will end up with errors.
Only 8.7.x branch currently has RBAC as it is supported only in > EAP 6.2, latest master does not contain RBAC feature.
> Implement Access Controls on management operations in Teiid
> -----------------------------------------------------------
>
> Key: TEIID-2948
> URL: https://issues.jboss.org/browse/TEIID-2948
> Project: Teiid
> Issue Type: Feature Request
> Components: Server
> Reporter: Ramesh Reddy
> Assignee: Ramesh Reddy
> Fix For: 8.7.1
>
>
> EAP 6.2 and above provides facilities to implement access controls on the management operations. Teiid should implement them on the management operations so that they can be controlled by access level of the user.
> Unfortunately this is not in EAP 6.1.Alpha, so it becomes hard to pull the changes upstream into 8.8
--
This message was sent by Atlassian JIRA
(v6.2.3#6260)
More information about the teiid-issues
mailing list