> > Obviously we can not integrate these permission models. The only thing we > need to do is to share the User store between components. In Active > Directory case Carbon uses Active Directory users. But here I think you need > to let JMS Queue to use Carbon users and roles. >
+1. That is exactly what I need to do. But my question was how to define permission levels when it is not possible to have a Registry resource attached to your entity. I can have resources attached for existing JMS queues. The problem arises when you are to restrict "creating" new entities. Because it does not exist and hence does not have a Registry path assigned to it. That is why I am going to have Registry resource of some sort attached to entities in my rule at the time of rule definition so that my rule interpreter can help the authz manager figure out permission levels. (AmilaJ came up with the same idea too). Hope you get my point. Thanks, Danushka
_______________________________________________ Carbon-dev mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
