1 Reply Latest reply on Nov 4, 2004 9:25 PM by Scott Stark

    JBoss support for specifying authorization policy

    William May Newbie

      My group has implemented a number of Service MBeans and I need to apply a granular authorization policy to them.

      The MBeanServer API documentation seems to support this well ...


      For the invoke method, the caller's permissions must imply MBeanPermission(className, operationName, name, "invoke").

      For the getAttribute method, the caller's permissions must imply MBeanPermission(className, attribute, name, "getAttribute").

      ...



      However, after reading the HOWTO I am still unclear about how I would go about specifying which users/roles have which MBean permissions.

      Is this already supported by JBoss ? If not, is there a known model for extending JBoss to support this ?

      Any advice on the best way to approach this would be appreciated!

      Thanks