0 Replies Latest reply on Aug 8, 2012 5:24 PM by Kamen Lozev

    JMX fine-grained security configuration

    Kamen Lozev Newbie



      I have configured JBoss 4.0.5 for role-based authorization as suggested in the technical white paper Securing JMX:



      I have set up and tested different roles using the ExernalizableRolesAuthorization class in jmx-invoker-service.xml as suggested in the white paper.

      How can I configure fine-grained role based security for MBeans that are accessed via the jmx invocation layer?

      For example, I would like to limit access to a specific MBean and MBean methods to a specific role.

      I'd like to make this configuration with JBoss configuration files changes, MBean descriptors or other configuration methods.


      One alternative is to write my own AuthorizationInterceptor class but a configuration solution is preferable and I would really appreciate a configuration example.


      Thank you,