1 Reply Latest reply on Jun 22, 2007 5:49 PM by Mark Little

    Security Capabilities

    Ciro Cavani Novice


      I want to know about implementation of ACL (Athentication / Authorization) and security stuff on next version (4.2) and for future versions.

      For now, if I undestood right, this capabilities are not available as part of JESB. I read this on button of page 16 of Programmers Guide (pdf from trunk):

      Access control lists (ACLs) are important and complimentary to security protocols, such as WS-Security/WS-Trust, and often overlooked by existing implementations. JBossESB will support ACLs are part of the security capabilities.

      And I couldn't find nothing about this on JIRA.

      For now, I am thinking to use an action to perform ACL (possibilly using JAAS and/or Seam based backend with LDAP storage) and some routing strategy.

      Is there any "simple good solution" to implement ACL or something that I con plug in security sistem when it is available?

        • 1. Re: Security Capabilities
          Mark Little Master

          The documentation sometimes describes what we'd like to have eventually. ACLs are definitely not on the 4.2 roadmap. In a SOA these sorts of things should be rolled into the governance, service lifecycle and SLA development, which we won't address completely until the 5.x timeframe. However, if you can describe your particular scenario, it may be possible to offer advice for you now.