You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@servicemix.apache.org by "Gert Vanthienen (JIRA)" <ji...@apache.org> on 2009/11/15 23:23:52 UTC
[jira] Updated: (SM-1915) Support more fine-grained authorization
on JMX access
[ https://issues.apache.org/activemq/browse/SM-1915?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gert Vanthienen updated SM-1915:
--------------------------------
Attachment: SM-1915.diff
Currently, Apache infrastructure is down, but this is the patch that is waiting to get committed.
It allows people to configure a policy for checking remote JMX invocations and we provide an out-of-the-box policy for giving normal users read-only access and only allow read-write access to the admin group. It can be configured in conf/jmx.xml like this
{noformat}
<sm:jmxConnector ...
policy="#policy"/>
<sm:adminReadWritePolicy id="policy"/>
{noformat}
> Support more fine-grained authorization on JMX access
> -----------------------------------------------------
>
> Key: SM-1915
> URL: https://issues.apache.org/activemq/browse/SM-1915
> Project: ServiceMix
> Issue Type: Bug
> Components: servicemix-core
> Affects Versions: 3.2.3, 3.3.1
> Reporter: Gert Vanthienen
> Assignee: Gert Vanthienen
> Fix For: 3.2.4, 3.3.2
>
> Attachments: SM-1915.diff
>
>
> Currently, access to the JMX console access is being controlled by a JAAS login module. Once logged in to the JMX console, every user is allowed to do anything with the provided MBeans.
> This issue aims to add support for basic authorization control as well as provide a hook for implementing more fine-grained authorization schemes. The basic scheme should allow 'admin' users to do anything and limit the normal users to read-only operations.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.