Management ACL lacks the ability to perform queryMBean operation for non-admin
users
------------------------------------------------------------------------------------
Key: QPID-3844
URL: https://issues.apache.org/jira/browse/QPID-3844
Project: Qpid
Issue Type: Bug
Components: Java Broker
Affects Versions: 0.15
Reporter: Alex Rudyy
Fix For: 0.15
Existing user accounts with limited rights (non admin uses) cannot login into
management console due to error: "Permission denied: Access queryMBeans".
For example, ACL for the guest account can be configured like following
#Allow 'guest' to perform read operations on the Serverinformation mbean and
view logger levels
ACL ALLOW-LOG guest ACCESS METHOD component="ServerInformation"
ACL ALLOW-LOG guest ACCESS METHOD component="LoggingManagement"
name="viewEffectiveRuntimeLoggerLevels"
but "guest" user still is not be able to login because current implementation
does not allow invocation of queryMBeans operation for non-admin accounts.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:[email protected]
