-
1. Re: fine grain authorisation with JSR 160
dimitris Feb 15, 2007 4:46 AM (in response to lpiccoli)JBossMX does not implement JSR160, however, when you use jdk5 you should be able to use the jdk5 implementation of jsr160. I'm not aware of some examples how to do this, expect maybe for using jconsole to connect to a jvm running jboss. If you look in the wiki you'll find a couple of examples for this.
-
2. Re: fine grain authorisation with JSR 160
lpiccoli Feb 15, 2007 11:42 PM (in response to lpiccoli)i really need a JMX web based console not a remote client console.
how can one achieve fine grain authorisation using JBossMX and a 3rd party web console?
by fine grain authoristion i mean, user 'A' can only modify attribute 'a' on MBean 'AA' but read all other attributes on MBean 'A'.
I was hoping to utilise the existing security and roles for other web application running on JBoss. However it seems that web-console will need to implement the authorisation itself. Is that reasonable?
OR
can the JBossMX be replaced by a 3rd party JMX server that does offer JSR160 security?
how have other solved authorisation issues on JBossMX?
many thanks
-lp -
3. Re: fine grain authorisation with JSR 160
rzorzorzo Apr 7, 2007 4:24 AM (in response to lpiccoli)using http://sourceforge.net/project/stats/?group_id=143425&ugn=rzomx
you can connect to jboss using rmi.
all mbeans of jboss are then transparently visible in rzomx and you may invoke all operations as if the mbeans were within rzomx. the only difference is that the domain of the mbean will have a prefix: <some name>/<jboss-domain>.
since rzomx is based on mx4j you may use the security of jsr160.
within rzomx you may use any of the http adapters available. for example mx4j http adapter, rzomx http adapter, ajax4jmx.
if you have further questions post them on the rzomx site.