[
https://issues.apache.org/activemq/browse/SM-1915?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=55434#action_55434
]
Gert Vanthienen commented on SM-1915:
-------------------------------------
@Claus: I don't think the annotations themselves support it and the goal was
not only to provide the basic authorization scheme, but also to allow people
who e.g. use an LDAP JAAS LoginModule to implement more sophisticated policies.
However, I do think we should be able to integrate this with something like
AspectJ e.g. so we can use the pointcut language to describe the security
constraints in a format that's easier to work with than the standard java
policy file.
> Support more fine-grained authorization on JMX access
> -----------------------------------------------------
>
> Key: SM-1915
> URL: https://issues.apache.org/activemq/browse/SM-1915
> Project: ServiceMix
> Issue Type: Bug
> Components: servicemix-core
> Affects Versions: 3.2.3, 3.3.1
> Reporter: Gert Vanthienen
> Assignee: Gert Vanthienen
> Fix For: 3.2.4, 3.3.2
>
> Attachments: SM-1915.diff
>
>
> Currently, access to the JMX console access is being controlled by a JAAS
> login module. Once logged in to the JMX console, every user is allowed to do
> anything with the provided MBeans.
> This issue aims to add support for basic authorization control as well as
> provide a hook for implementing more fine-grained authorization schemes. The
> basic scheme should allow 'admin' users to do anything and limit the normal
> users to read-only operations.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
