[
https://issues.apache.org/jira/browse/IGNITE-5077?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15988307#comment-15988307
]
Semen Boikov commented on IGNITE-5077:
--------------------------------------
Hi Dmitry,
Reviewed, looks good.
Thanks!
> Support service security permissions
> ------------------------------------
>
> Key: IGNITE-5077
> URL: https://issues.apache.org/jira/browse/IGNITE-5077
> Project: Ignite
> Issue Type: New Feature
> Components: managed services
> Reporter: Dmitry Karachentsev
> Assignee: Dmitry Karachentsev
> Fix For: 2.1
>
>
> Need to add capability to specify permissions to allow/disallow executions of
> particular services (similar to compute tasks).
> The following permissions should be added to the SecurityPermission enum:
> SERVICE_DEPLOY - for IgniteServices.deployXXX methods.
> SERVICE_CANCEL - for IgniteServices.cancel and IgniteServices.cancelAll
> methods.
> SERVICE_INVOKE - for IgniteServices.service, IgniteServices.services and
> IgniteServices.serviceProxy methods.
> SERVICE_INVOKE should allow fine-grained authorization based on service name,
> similar to TASK_EXECUTE. E.g., a particular user should be able to execute
> service A, but not service B.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
