[
https://issues.apache.org/jira/browse/KARAF-979?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13142344#comment-13142344
]
Robert Savage edited comment on KARAF-979 at 11/2/11 5:48 PM:
--------------------------------------------------------------
Just thinking out loud but perhaps some configuration file for managing access
control over (existing) shell commands both discrete commands by name and
perhaps groups of commands by scope.
Ideally long term it would be nice to support an optional attribute/annotation
"roles" for commands, thus when creating new custom bundles that extend the
console and add new commands, these commands could intrinsically support the
access-control roles convention.
was (Author: rrsavage):
Just thinking out loud but perhaps some configuration file for managing
access control over (existing) shell commands both discrete commands by name
and perhaps ground of commands by scope.
Ideally long term it would be nice to support an optional attribute/annotation
"roles" for commands, thus when creating new custom bundles that extend the
console and add new commands, these commands could intrinsically support the
access-control roles convention.
> access control for shell commands
> ---------------------------------
>
> Key: KARAF-979
> URL: https://issues.apache.org/jira/browse/KARAF-979
> Project: Karaf
> Issue Type: New Feature
> Components: karaf-shell
> Affects Versions: 2.2.5
> Reporter: Robert Savage
> Labels: access, admin, command, console, permission, role,
> shell, user
> Fix For: 3.0.0
>
>
> Feature first discussed in mailing list.
> @See:
> http://karaf.922171.n3.nabble.com/shell-commands-amp-user-roles-td3474148.html
> ------------------------------------------------------------------------------------
> Create a means to define more granular level of user access to see
> (list/autocomplete) and execute commands via the (SSH) shell.
> Thus supporting the ability for certain commands be restricted to a
> configured set of user roles via the command's name or scope.
> Really what I'm after is a two level access system. An "admin" level that
> has full access to all commands, scripting, introspection, etc. And a "user"
> level of access that perhaps only provides access to a limited number of
> commands. Additionally "user" level access would disallow scripting and
> introspection capabilities.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
