Hi Amila,
> I think first of all you should not try to write deny rules with security. > In ACL you can write deny statements. I do not understand why we should not anyway. > Generally you can not hard code the user name in a software. > Sorry for using an irrelevent statement. Obviously it has to be a role ;-). Do you need to give the current users to JMS Object and will it evaluate the > rule with any action? > There is an authorization manager that takes care of this. Danushka
_______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev