You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ignite.apache.org by "Dmitry Karachentsev (JIRA)" <ji...@apache.org> on 2017/04/25 10:29:04 UTC
[jira] [Created] (IGNITE-5077) Support service permissions
Dmitry Karachentsev created IGNITE-5077:
-------------------------------------------
Summary: Support service permissions
Key: IGNITE-5077
URL: https://issues.apache.org/jira/browse/IGNITE-5077
Project: Ignite
Issue Type: New Feature
Components: managed services
Reporter: Dmitry Karachentsev
Assignee: Dmitry Karachentsev
Fix For: 2.1
Need to add capability to specify permissions to allow/disallow executions of particular services (similar to compute tasks).
The following permissions should be added to the SecurityPermission enum:
SERVICE_DEPLOY - for IgniteServices.deployXXX methods.
SERVICE_CANCEL - for IgniteServices.cancel and IgniteServices.cancelAll methods.
SERVICE_INVOKE - for IgniteServices.service, IgniteServices.services and IgniteServices.serviceProxy methods.
SERVICE_INVOKE should allow fine-grained authorization based on service name, similar to TASK_EXECUTE. E.g., a particular user should be able to execute service A, but not service B.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)