Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-4100

Add info about default value for maximum-permissions into How To Configure Server Security

    Details

      Description

      Book: How To Configure Server Security
      Revision: 8001683

      Issue description:
      When maximum-permissions attribute is not set in the security-manager subsystem. Then it defaults to java.security.AllPermission (i.e. unlimited permissions). This behavior has to be documented as users could expect the default to be an empty list of permissions (i.e. no permissions).

      Suggestion for improvement:
      Add a note into the section "5.2.1. Defining Policies in the Security Manager Subsystem" with information about the default. E.g.
      If maximum-permissions attribute is not defined for /subsystem=security-manager/deployment-permissions then it's value defaults to java.security.AllPermission.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  zrhoads Zach Rhoads
                  Reporter:
                  jcacek Josef Cacek
                  Tester:
                  Josef Cacek
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: