And further more that AFAIU we can use this Management permission with different strings. On Aug 17, 2014 2:16 PM, "Danushka Fernando" <[email protected]> wrote:
> Hi Isuru and all > > The problem I see is not we are using Management permission, but using > same permission everywhere. Because of that all secured endpoint s in > carbon either can be exposed or blocked. We cannot block some and allow > some. > On Aug 17, 2014 1:23 AM, "Isuru Perera" <[email protected]> wrote: > >> Hi all, >> >> In Carbon, we use ManagementPermission [1] to check security. See >> org.wso2.carbon.base.CarbonBaseUtils.checkSecurity() method [2]. >> >> Instead of checking ManagementPermission [1], I think we must use our own >> permissions to check security in CarbonContext APIs. The >> ManagementPermission [1] is used for a different purposes. >> >> Shall we introduce new Permission classes for future Carbon releases? >> >> Thanks! >> >> Best Regards, >> >> [1] >> http://docs.oracle.com/javase/7/docs/api/java/lang/management/ManagementPermission.html >> [2] >> https://svn.wso2.org/repos/wso2/carbon/kernel/branches/4.2.0/core/org.wso2.carbon.base/4.2.0/src/main/java/org/wso2/carbon/base/CarbonBaseUtils.java >> >> -- >> Isuru Perera >> Senior Software Engineer | WSO2, Inc. | http://wso2.com/ >> Lean . Enterprise . Middleware >> >> about.me/chrishantha >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
