[Suggest]suggestions for future versions

classic Classic list List threaded Threaded
1 message Options
sekaijin sekaijin
Reply | Threaded
Open this post in threaded view
|

[Suggest]suggestions for future versions

I propose to refine the management of restriction.

based on roles and/or hosts
<restrict>
<restrict-group>
  <roles>
    <role>manager</role>
  <roles>

  <remote>
    <host>127.0.0.1</host>
    <host>localhost</host>
    <host>10.0.0.0/16</host>
  </remote>
  
  <cors>
    <allow-origin>http://www.jmx4perl.org</allow-origin>
    <allow-origin>*.jolokia.org</allow-origin>
  </cors>

  <commands>
    <command>read</command>
  </commands>

  <allow>

    <mbean>
      <name>java.lang:type=Memory</name>
      <attribute mode="read">Verbose</attribute>
      <operation>gc</operation>
    </mbean>

    <mbean>
      <name>jolokia:type=Config</name>
      <operation>*</operation>
    </mbean>
    <mbean>
      <name>java.lang:type=Threading</name>
      <operation>findDeadlockedThreads</operation>
    </mbean>
  </allow>

  <deny>
    <mbean>
      <name>com.mchange.v2.c3p0:type=PooledDataSource,*</name>
      <attribute>properties</attribute>
    </mbean>
  </deny>
</restrict-group>
<restrict-group>
  <roles>
    <role>admin</role>
  <roles>
  <remote>
    <host>127.0.0.1</host>
  </remote>
</restrict-group>
</restrict>

This would have specific restrictions for the manager role on described hosts and others for the admin role  on localhost etc.

A+JYT