You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@karaf.apache.org by "Robert Savage (Created) (JIRA)" <ji...@apache.org> on 2011/11/02 18:41:34 UTC
[jira] [Created] (KARAF-979) access control for shell commands
access control for shell commands
---------------------------------
Key: KARAF-979
URL: https://issues.apache.org/jira/browse/KARAF-979
Project: Karaf
Issue Type: New Feature
Components: karaf-shell
Affects Versions: 2.2.5
Reporter: Robert Savage
Feature first discussed in mailing list.
@See: http://karaf.922171.n3.nabble.com/shell-commands-amp-user-roles-td3474148.html
------------------------------------------------------------------------------------
Create a method to define more granular level of user access to see (list/autocomplete) and execute commands via the (SSH) shell.
Thus supporting the ability for certain commands be restricted to a configured set of user roles via the command's name or scope.
Really what I'm after is a two level access system. An "admin" level that has full access to all commands, scripting, introspection, etc. And a "user" level of access that perhaps only provides access to a limited number of command. Additionally "user" level access would disallow scripting and introspection capabilities.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Issue Comment Edited] (KARAF-979) access control for shell
commands
Posted by "Robert Savage (Issue Comment Edited) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/KARAF-979?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13142344#comment-13142344 ]
Robert Savage edited comment on KARAF-979 at 11/2/11 5:48 PM:
--------------------------------------------------------------
Just thinking out loud but perhaps some configuration file for managing access control over (existing) shell commands both discrete commands by name and perhaps groups of commands by scope.
Ideally long term it would be nice to support an optional attribute/annotation "roles" for commands, thus when creating new custom bundles that extend the console and add new commands, these commands could intrinsically support the access-control roles convention.
was (Author: rrsavage):
Just thinking out loud but perhaps some configuration file for managing access control over (existing) shell commands both discrete commands by name and perhaps ground of commands by scope.
Ideally long term it would be nice to support an optional attribute/annotation "roles" for commands, thus when creating new custom bundles that extend the console and add new commands, these commands could intrinsically support the access-control roles convention.
> access control for shell commands
> ---------------------------------
>
> Key: KARAF-979
> URL: https://issues.apache.org/jira/browse/KARAF-979
> Project: Karaf
> Issue Type: New Feature
> Components: karaf-shell
> Affects Versions: 2.2.5
> Reporter: Robert Savage
> Labels: access, admin, command, console, permission, role, shell, user
> Fix For: 3.0.0
>
>
> Feature first discussed in mailing list.
> @See: http://karaf.922171.n3.nabble.com/shell-commands-amp-user-roles-td3474148.html
> ------------------------------------------------------------------------------------
> Create a means to define more granular level of user access to see (list/autocomplete) and execute commands via the (SSH) shell.
> Thus supporting the ability for certain commands be restricted to a configured set of user roles via the command's name or scope.
> Really what I'm after is a two level access system. An "admin" level that has full access to all commands, scripting, introspection, etc. And a "user" level of access that perhaps only provides access to a limited number of commands. Additionally "user" level access would disallow scripting and introspection capabilities.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (KARAF-979) access control for shell commands
Posted by "Jean-Baptiste Onofré (Updated JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/KARAF-979?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jean-Baptiste Onofré updated KARAF-979:
---------------------------------------
Fix Version/s: 3.0.0
> access control for shell commands
> ---------------------------------
>
> Key: KARAF-979
> URL: https://issues.apache.org/jira/browse/KARAF-979
> Project: Karaf
> Issue Type: New Feature
> Components: karaf-shell
> Affects Versions: 2.2.5
> Reporter: Robert Savage
> Labels: access, admin, command, console, permission, role, shell, user
> Fix For: 3.0.0
>
>
> Feature first discussed in mailing list.
> @See: http://karaf.922171.n3.nabble.com/shell-commands-amp-user-roles-td3474148.html
> ------------------------------------------------------------------------------------
> Create a method to define more granular level of user access to see (list/autocomplete) and execute commands via the (SSH) shell.
> Thus supporting the ability for certain commands be restricted to a configured set of user roles via the command's name or scope.
> Really what I'm after is a two level access system. An "admin" level that has full access to all commands, scripting, introspection, etc. And a "user" level of access that perhaps only provides access to a limited number of command. Additionally "user" level access would disallow scripting and introspection capabilities.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (KARAF-979) access control for shell commands
Posted by "Robert Savage (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/KARAF-979?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Savage updated KARAF-979:
--------------------------------
Description:
Feature first discussed in mailing list.
@See: http://karaf.922171.n3.nabble.com/shell-commands-amp-user-roles-td3474148.html
------------------------------------------------------------------------------------
Create a means to define more granular level of user access to see (list/autocomplete) and execute commands via the (SSH) shell.
Thus supporting the ability for certain commands be restricted to a configured set of user roles via the command's name or scope.
Really what I'm after is a two level access system. An "admin" level that has full access to all commands, scripting, introspection, etc. And a "user" level of access that perhaps only provides access to a limited number of command. Additionally "user" level access would disallow scripting and introspection capabilities.
was:
Feature first discussed in mailing list.
@See: http://karaf.922171.n3.nabble.com/shell-commands-amp-user-roles-td3474148.html
------------------------------------------------------------------------------------
Create a method to define more granular level of user access to see (list/autocomplete) and execute commands via the (SSH) shell.
Thus supporting the ability for certain commands be restricted to a configured set of user roles via the command's name or scope.
Really what I'm after is a two level access system. An "admin" level that has full access to all commands, scripting, introspection, etc. And a "user" level of access that perhaps only provides access to a limited number of command. Additionally "user" level access would disallow scripting and introspection capabilities.
> access control for shell commands
> ---------------------------------
>
> Key: KARAF-979
> URL: https://issues.apache.org/jira/browse/KARAF-979
> Project: Karaf
> Issue Type: New Feature
> Components: karaf-shell
> Affects Versions: 2.2.5
> Reporter: Robert Savage
> Labels: access, admin, command, console, permission, role, shell, user
> Fix For: 3.0.0
>
>
> Feature first discussed in mailing list.
> @See: http://karaf.922171.n3.nabble.com/shell-commands-amp-user-roles-td3474148.html
> ------------------------------------------------------------------------------------
> Create a means to define more granular level of user access to see (list/autocomplete) and execute commands via the (SSH) shell.
> Thus supporting the ability for certain commands be restricted to a configured set of user roles via the command's name or scope.
> Really what I'm after is a two level access system. An "admin" level that has full access to all commands, scripting, introspection, etc. And a "user" level of access that perhaps only provides access to a limited number of command. Additionally "user" level access would disallow scripting and introspection capabilities.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (KARAF-979) access control for shell commands
Posted by "Robert Savage (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/KARAF-979?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Savage updated KARAF-979:
--------------------------------
Description:
Feature first discussed in mailing list.
@See: http://karaf.922171.n3.nabble.com/shell-commands-amp-user-roles-td3474148.html
------------------------------------------------------------------------------------
Create a means to define more granular level of user access to see (list/autocomplete) and execute commands via the (SSH) shell.
Thus supporting the ability for certain commands be restricted to a configured set of user roles via the command's name or scope.
Really what I'm after is a two level access system. An "admin" level that has full access to all commands, scripting, introspection, etc. And a "user" level of access that perhaps only provides access to a limited number of commands. Additionally "user" level access would disallow scripting and introspection capabilities.
was:
Feature first discussed in mailing list.
@See: http://karaf.922171.n3.nabble.com/shell-commands-amp-user-roles-td3474148.html
------------------------------------------------------------------------------------
Create a means to define more granular level of user access to see (list/autocomplete) and execute commands via the (SSH) shell.
Thus supporting the ability for certain commands be restricted to a configured set of user roles via the command's name or scope.
Really what I'm after is a two level access system. An "admin" level that has full access to all commands, scripting, introspection, etc. And a "user" level of access that perhaps only provides access to a limited number of command. Additionally "user" level access would disallow scripting and introspection capabilities.
> access control for shell commands
> ---------------------------------
>
> Key: KARAF-979
> URL: https://issues.apache.org/jira/browse/KARAF-979
> Project: Karaf
> Issue Type: New Feature
> Components: karaf-shell
> Affects Versions: 2.2.5
> Reporter: Robert Savage
> Labels: access, admin, command, console, permission, role, shell, user
> Fix For: 3.0.0
>
>
> Feature first discussed in mailing list.
> @See: http://karaf.922171.n3.nabble.com/shell-commands-amp-user-roles-td3474148.html
> ------------------------------------------------------------------------------------
> Create a means to define more granular level of user access to see (list/autocomplete) and execute commands via the (SSH) shell.
> Thus supporting the ability for certain commands be restricted to a configured set of user roles via the command's name or scope.
> Really what I'm after is a two level access system. An "admin" level that has full access to all commands, scripting, introspection, etc. And a "user" level of access that perhaps only provides access to a limited number of commands. Additionally "user" level access would disallow scripting and introspection capabilities.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (KARAF-979) access control for shell commands
Posted by "Christian Schneider (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/KARAF-979?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Christian Schneider updated KARAF-979:
--------------------------------------
Fix Version/s: (was: 3.0.0)
3.1.0
> access control for shell commands
> ---------------------------------
>
> Key: KARAF-979
> URL: https://issues.apache.org/jira/browse/KARAF-979
> Project: Karaf
> Issue Type: New Feature
> Components: karaf-shell
> Affects Versions: 2.2.5
> Reporter: Robert Savage
> Labels: access, admin, command, console, permission, role, shell, user
> Fix For: 3.1.0
>
>
> Feature first discussed in mailing list.
> @See: http://karaf.922171.n3.nabble.com/shell-commands-amp-user-roles-td3474148.html
> ------------------------------------------------------------------------------------
> Create a means to define more granular level of user access to see (list/autocomplete) and execute commands via the (SSH) shell.
> Thus supporting the ability for certain commands be restricted to a configured set of user roles via the command's name or scope.
> Really what I'm after is a two level access system. An "admin" level that has full access to all commands, scripting, introspection, etc. And a "user" level of access that perhaps only provides access to a limited number of commands. Additionally "user" level access would disallow scripting and introspection capabilities.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (KARAF-979) access control for shell commands
Posted by "Robert Savage (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/KARAF-979?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13142344#comment-13142344 ]
Robert Savage commented on KARAF-979:
-------------------------------------
Just thinking out loud but perhaps some configuration file for managing access control over (existing) shell commands both discrete commands by name and perhaps ground of commands by scope.
Ideally long term it would be nice to support an optional attribute/annotation "roles" for commands, thus when creating new custom bundles that extend the console and add new commands, these commands could intrinsically support the access-control roles convention.
> access control for shell commands
> ---------------------------------
>
> Key: KARAF-979
> URL: https://issues.apache.org/jira/browse/KARAF-979
> Project: Karaf
> Issue Type: New Feature
> Components: karaf-shell
> Affects Versions: 2.2.5
> Reporter: Robert Savage
> Labels: access, admin, command, console, permission, role, shell, user
> Fix For: 3.0.0
>
>
> Feature first discussed in mailing list.
> @See: http://karaf.922171.n3.nabble.com/shell-commands-amp-user-roles-td3474148.html
> ------------------------------------------------------------------------------------
> Create a method to define more granular level of user access to see (list/autocomplete) and execute commands via the (SSH) shell.
> Thus supporting the ability for certain commands be restricted to a configured set of user roles via the command's name or scope.
> Really what I'm after is a two level access system. An "admin" level that has full access to all commands, scripting, introspection, etc. And a "user" level of access that perhaps only provides access to a limited number of command. Additionally "user" level access would disallow scripting and introspection capabilities.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira