[
https://issues.apache.org/activemq/browse/SM-1915?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=55432#action_55432
]
Claus Ibsen commented on SM-1915:
---------------------------------
Gert yeah I do agree that I know of none who uses the java policy files for
security.
Only frameworks does it a little bit, and/or when you need to get that export
restricted key length policy file from the US to use it in EU on your JDK.
I wonder though if on the spring JMX annotations is an attribute to specify a
role? Then you could maybe do it on the mbean itself?
e.g. in Camel we have annotated mbean classes for JMX management. So if we
could set role="admin" for the special write operations that would be cool.
> Support more fine-grained authorization on JMX access
> -----------------------------------------------------
>
> Key: SM-1915
> URL: https://issues.apache.org/activemq/browse/SM-1915
> Project: ServiceMix
> Issue Type: Bug
> Components: servicemix-core
> Affects Versions: 3.2.3, 3.3.1
> Reporter: Gert Vanthienen
> Assignee: Gert Vanthienen
> Fix For: 3.2.4, 3.3.2
>
> Attachments: SM-1915.diff
>
>
> Currently, access to the JMX console access is being controlled by a JAAS
> login module. Once logged in to the JMX console, every user is allowed to do
> anything with the provided MBeans.
> This issue aims to add support for basic authorization control as well as
> provide a hook for implementing more fine-grained authorization schemes. The
> basic scheme should allow 'admin' users to do anything and limit the normal
> users to read-only operations.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
