1 Reply Latest reply on Mar 23, 2009 1:11 PM by senthurkumaran masilamani

    Deploying packages - Create

    senthurkumaran masilamani Newbie

      I have created a user with all resource level permissions(No Global permissions). This user is primarily responsible for managing JBoss AS applications and deployments on server1. (JON manages few servers i.e server1,server2 and server3). He doesn't have access to any resources in server2 and server3. He is not a JON admin.

      When I try to deploy new package to an existing application , I got the following error

      Failed to associate package [JonTest.war] with channel ID [500550]. Cause: org.rhq.enterprise.server.authz.PermissionException:Subject [websupport] is not authorized for [MANAGE_INVENTORY]: invocation: method=public void org.rhq.enterprise.server.content.ChannelManagerBean.addPackageVersionsToChannel(org.rhq.core.domain.auth.Subject,int,int[]) throws java.lang.Exception,context-data={}

      Since deployment of packages is main task for this user, I assigned global permission "Manage inventory (resources/groups)". After the new permission assignment, User is able to deploy packages.

      Now, the issue is , he can see all the servers in the inventry (server1, server2 and server3) , but the group assigned to him has only server1 access.

      My question is how to deploy packages without having any global permissions ? how to restrict the user not to see all the resources ?

      Thanks & Regards