Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-2142

provide default A-MQ authorization settings to comply with newly introduced RBAC in fuse 6.2

    XMLWordPrintable

Details

    • Task
    • Resolution: Done
    • Major
    • jboss-fuse-6.2
    • jboss-fuse-6.2
    • ActiveMQ
    • % %

    Description

      With Fuse 6.2 and RBAC, there is quite a few security roles introduced (admin,manager,viewer,Operator, Maintainer, Deployer, Auditor, Administrator, SuperUser).

      I think there should be meaningful mapping between these rbac roles and read/write permissions in A-MQ by default.

      When customer just configures Fuse to use LDAP Authorization, he could be surprised, that authenticated users without any roles can read/write, even delete queues and topics using JMS API.
      EDIT:deleting of queues and topics would probably require JMX access, which is covered by RBAC.

      Yes, customer can google for A-MQ doc page (couldn't find this section in fuse doc pages) and configure amq to his needs, but wouldn't it be nicer with this mapping predefined?

      Attachments

        Activity

          People

            pantinor@redhat.com Paolo Antinori
            jludvice Josef Ludvicek (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: