You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@karaf.apache.org by to...@quarendon.net on 2017/08/31 10:38:46 UTC

Default access control list for commands in the console

I just wanted to check that in the absence of an explicit access control list for commands in the console, the default is to be to allow anyone access.
Can that be altered at all? Is there a way of providing a default access control list at all? Or do I have to make sure I provide one for each command scope that I create?

Re: Default access control list for commands in the console

Posted by to...@quarendon.net.

Well that was a supplemental question actually.
Within a single access control list for a particular scope, I can presumably provide a catch all "*" entry at the bottom of that file, so that I can define a default access control list for all commands *within that scope*, but can I provide one that applies to *all* scopes? The access control list file is selected based on the scope of the command, so it doesn't seem obvious how I would define an access control list that applied to multiple scopes.

> On 31 August 2017 at 13:03 Jean-Baptiste Onofré <jb...@nanthrax.net> wrote:
> 
> 
> You can use regex (like *) to match on all "other" commands.
> 
> Regards
> JB
> 
> On 08/31/2017 12:38 PM, tom@quarendon.net wrote:
> > I just wanted to check that in the absence of an explicit access control list for commands in the console, the default is to be to allow anyone access.
> > Can that be altered at all? Is there a way of providing a default access control list at all? Or do I have to make sure I provide one for each command scope that I create?
> > 
> 
> -- 
> Jean-Baptiste Onofré
> jbonofre@apache.org
> http://blog.nanthrax.net
> Talend - http://www.talend.com

Re: Default access control list for commands in the console

Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.

You can use regex (like *) to match on all "other" commands.

Regards
JB

On 08/31/2017 12:38 PM, tom@quarendon.net wrote:
> I just wanted to check that in the absence of an explicit access control list for commands in the console, the default is to be to allow anyone access.
> Can that be altered at all? Is there a way of providing a default access control list at all? Or do I have to make sure I provide one for each command scope that I create?
> 

-- 
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com