-
1. Re: JBossESB: Authorization at operation level for an ESB Proxy
This and the security_basic quickstart are probably good starting points :
https://community.jboss.org/wiki/JBossLDAPAuthenticationWithJAAS
-
2. Re: JBossESB: Authorization at operation level for an ESB Proxy
hi Tom thanks for the response. I already have implementation for jaas authentication & authorization at service level but I want to control the authorizations at the operation level of the service.
-
3. Re: JBossESB: Authorization at operation level for an ESB Proxy
I'm confused what you are asking for here - do you mean you want to control authorizations at the action level? Or at the read/write operation level?
-
4. Re: JBossESB: Authorization at operation level for an ESB Proxy
Tom sorry for the confusion. I have an ESB Proxy ValidateProductProxy for an underlying service ValidateProductService which has two operations validateCatalog and fetchProductDetails.
I have the following roles configured in my ldap role1,role2,role3 and role4.
validateCatalog - should allow users with the roles role1,role2 and role4
fetchProductDetails - should allow users with roles role4.
In jboss-esb.xml
<security moduleName="authLdap" rolesAllowed="role1,role2"/> we can configure roles at the service level . My question is can we configure roles at operation level ?