gtully commented on code in PR #4820: URL: https://github.com/apache/activemq-artemis/pull/4820#discussion_r1519877310
########## docs/user-manual/security.adoc: ########## @@ -68,6 +68,14 @@ This permission allows the user to browse a queue bound to the matching address. manage:: This permission allows the user to invoke management operations by sending management messages to the management address. +The following two permissions pertain to operations on the management apis of the broker. They split management operations into two sets, read only for `view`, and `update` for mutating operations. The split is controlled by a regular expression. Methods that match will require the `view` permission, all others require `update`. The regular expression can be modified through the configuration attribute `view-permission-method-match-pattern`. These permissions are applicable using a suffix on the management address, and with a `jmx.` prefix for MBean access. + +view:: +This permission allows access to a read-only subset of management operations. + +update:: +This permission allows access to the mutating management operations, any operation not in the `view` set. + Review Comment: thanks, linking in to other two sections. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: gitbox-unsubscr...@activemq.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
