MEJB works similar to the EJB-Adaptor which was created because of this reason. But be aware that this is only MEJB level meaning that you give access to someone (for all management activity) or not.
Andy ----- Original Message ----- From: "marc fleury" <[EMAIL PROTECTED]> To: "Jeff Tulley" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, December 10, 2001 10:56 AM Subject: RE: [JBoss-dev] Security in JSR-77 stuff / JMX > that is the purpose of the MEJB, to provide EJB security semantics to the > API in a standard well defined way. > > |Andreas, > | Is security addressed at all in either the JSR-77 stuff, or in how > |JMX is used to manage JBoss? In the current JMX HTTP adaptor, port > |8082, it is a little dangerous to expose shutdown functionality, for > |instance. I know in a production system I would disable the HTTP > |adaptor for this reason. But, we have code that relies on it being > |there (see org.jboss.Shutdown). We need to have a consistent mechanism > |to perform such functions that takes security into account. > | Actually, looking through some code it seems as if you maybe have in > |mind to use the standard EJB security model, is that right? > | > | Excuse me if I am asking the wrong questions since I'm a newbie > |here. > | > |Jeff Tulley ([EMAIL PROTECTED]) > |(801)861-5322 > |Novell, Inc., the leading provider of Net services software. > > > > _______________________________________________ > Jboss-development mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/jboss-development > > _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
