Hi Paul, So basically, you want RBAC on the webconsole. Correct ?
It's not possible today without changing the webconsole. It's a good idea to add such feature.
Regards JB On 12/09/2016 12:52 PM, Paul McCulloch wrote:
Hi, I'm trying to prevent access to shell:exec from the console to try and harden my karaf install. I can revoke access from an admin user with "config:property-set -p org.apache.karaf.command.acl.shell exec uberadmin". I can also prevent the user from using config:property-set from restoring the permissions. What I can't seem to do is prevent an admin user from restoring permissions via the web console's Configuration gui. I want to permit remote access to the web console, but I don't want to give users the ability to run arbitrary commands on the server. Thanks, Paul
-- Jean-Baptiste Onofré [email protected] http://blog.nanthrax.net Talend - http://www.talend.com
