I'm working on a jmx service (running in dropwizard with guice for DI, but this is not really important). We're also exposing our mxbeans as rest endpoints using jolokia.
Since our rest endpoints are hidden away inside of the jolokia framework, it seems the right thing to do is to use Shiro as the security provider for the mbean server (haven't figured out how to hook in yet), and then to also hook into jolokia's security framework - perhaps using a custom jolokia 'restrictor' - in order to get jolokia to return proper authN/Z http error codes. Just wondering if anyone in the community has experimented with something like this? Thanks, John -- View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-coverage-of-jolokia-interfaces-in-jmx-environment-tp7580057.html Sent from the Shiro User mailing list archive at Nabble.com.
