qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Rudyy (Created) (JIRA)" <j...@apache.org>
Subject [jira] [Created] (QPID-3844) Management ACL lacks the ability to perform queryMBean operation for non-admin users
Date Wed, 15 Feb 2012 14:45:00 GMT
Management ACL lacks the ability to perform queryMBean operation for non-admin users
------------------------------------------------------------------------------------

                 Key: QPID-3844
                 URL: https://issues.apache.org/jira/browse/QPID-3844
             Project: Qpid
          Issue Type: Bug
          Components: Java Broker
    Affects Versions: 0.15
            Reporter: Alex Rudyy
             Fix For: 0.15




Existing user accounts with limited rights (non admin uses) cannot login into management console
due to error: "Permission denied: Access queryMBeans".

For example, ACL for the guest account can be configured like following

#Allow 'guest' to perform read operations on the Serverinformation mbean and view logger levels
ACL ALLOW-LOG guest ACCESS METHOD component="ServerInformation"
ACL ALLOW-LOG guest ACCESS METHOD component="LoggingManagement" name="viewEffectiveRuntimeLoggerLevels"

but "guest" user still is not be able to login because current implementation does not allow
invocation of queryMBeans operation for non-admin accounts.


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org


Mime
View raw message