Dmitry Karachentsev created IGNITE-5077:
-------------------------------------------
Summary: Support service permissions
Key: IGNITE-5077
URL:
https://issues.apache.org/jira/browse/IGNITE-5077 Project: Ignite
Issue Type: New Feature
Components: managed services
Reporter: Dmitry Karachentsev
Assignee: Dmitry Karachentsev
Fix For: 2.1
Need to add capability to specify permissions to allow/disallow executions of particular services (similar to compute tasks).
The following permissions should be added to the SecurityPermission enum:
SERVICE_DEPLOY - for IgniteServices.deployXXX methods.
SERVICE_CANCEL - for IgniteServices.cancel and IgniteServices.cancelAll methods.
SERVICE_INVOKE - for IgniteServices.service, IgniteServices.services and IgniteServices.serviceProxy methods.
SERVICE_INVOKE should allow fine-grained authorization based on service name, similar to TASK_EXECUTE. E.g., a particular user should be able to execute service A, but not service B.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
Locked
