Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-1631

JMX operations on broker bypass authorization plugin

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Done
    • Major
    • jboss-fuse-6.2
    • None
    • Hawtio
    • None
    • % %

    Description

      When securing the broker using authentication and authorization, any JMX operations on the broker completely bypass the authorization plugin.
      So anyone can modify the broker bypassing security checks
      Also, because of this its not possible to define a read only user for the web console.

      Attachments

        Activity

          People

            dbokde Dhiraj Bokde
            rhn-support-tmielke Torsten Mielke
            Tomas Turek Tomas Turek
            Votes:
            0 Vote for this issue
            Watchers:
            10 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: