I created a JIRA for this [1]. I hope this can be fixed in Carbon 4.3.0 Thanks!
[1] https://wso2.org/jira/browse/CARBON-14966 On Sun, Aug 17, 2014 at 10:32 PM, Isuru Perera <[email protected]> wrote: > Hi Danushka, > > No, if you look at ManagementPermission [1], it only allows "control" & > "monitor" as the permission names. > > But as you said, we also need to use different permissions for different > APIs. > > [1] > http://docs.oracle.com/javase/7/docs/api/java/lang/management/ManagementPermission.html > > > On Sun, Aug 17, 2014 at 1:47 AM, Danushka Fernando <[email protected]> > wrote: > >> And further more that AFAIU we can use this Management permission with >> different strings. >> On Aug 17, 2014 2:16 PM, "Danushka Fernando" <[email protected]> wrote: >> >>> Hi Isuru and all >>> >>> The problem I see is not we are using Management permission, but using >>> same permission everywhere. Because of that all secured endpoint s in >>> carbon either can be exposed or blocked. We cannot block some and allow >>> some. >>> On Aug 17, 2014 1:23 AM, "Isuru Perera" <[email protected]> wrote: >>> >>>> Hi all, >>>> >>>> In Carbon, we use ManagementPermission [1] to check security. See >>>> org.wso2.carbon.base.CarbonBaseUtils.checkSecurity() method [2]. >>>> >>>> Instead of checking ManagementPermission [1], I think we must use our >>>> own permissions to check security in CarbonContext APIs. The >>>> ManagementPermission [1] is used for a different purposes. >>>> >>>> Shall we introduce new Permission classes for future Carbon releases? >>>> >>>> Thanks! >>>> >>>> Best Regards, >>>> >>>> [1] >>>> http://docs.oracle.com/javase/7/docs/api/java/lang/management/ManagementPermission.html >>>> [2] >>>> https://svn.wso2.org/repos/wso2/carbon/kernel/branches/4.2.0/core/org.wso2.carbon.base/4.2.0/src/main/java/org/wso2/carbon/base/CarbonBaseUtils.java >>>> >>>> -- >>>> Isuru Perera >>>> Senior Software Engineer | WSO2, Inc. | http://wso2.com/ >>>> Lean . Enterprise . Middleware >>>> >>>> about.me/chrishantha >>>> >>>> _______________________________________________ >>>> Architecture mailing list >>>> [email protected] >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>> >>>> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Isuru Perera > Senior Software Engineer | WSO2, Inc. | http://wso2.com/ > Lean . Enterprise . Middleware > > about.me/chrishantha > -- Isuru Perera Senior Software Engineer | WSO2, Inc. | http://wso2.com/ Lean . Enterprise . Middleware about.me/chrishantha
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
