geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From genspr...@apache.org
Subject svn commit: r817521 - in /geronimo/server/branches/2.1: framework/configs/server-security-config/src/main/resources/security/ framework/modules/geronimo-jmx-remoting/ framework/modules/geronimo-jmx-remoting/src/main/java/org/apache/geronimo/jmxremoting...
Date Tue, 22 Sep 2009 07:32:32 GMT
Author: genspring
Date: Tue Sep 22 07:32:31 2009
New Revision: 817521

URL: http://svn.apache.org/viewvc?rev=817521&view=rev
Log:
GERONIMO-4823 role-based administration capabilities

Modified:
    geronimo/server/branches/2.1/framework/configs/server-security-config/src/main/resources/security/groups.properties
    geronimo/server/branches/2.1/framework/configs/server-security-config/src/main/resources/security/users.properties
    geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/pom.xml
    geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/src/main/java/org/apache/geronimo/jmxremoting/Authenticator.java
    geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/src/test/java/org/apache/geronimo/jmxremoting/AuthenticatorTest.java
    geronimo/server/branches/2.1/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/welcome/welcomeNormal.jsp
    geronimo/server/branches/2.1/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/web.xml
    geronimo/server/branches/2.1/plugins/console/console-jetty/src/main/plan/plan.xml
    geronimo/server/branches/2.1/plugins/console/console-portal-driver/src/main/webapp/WEB-INF/themes/navigation.jsp
    geronimo/server/branches/2.1/plugins/console/console-portal-driver/src/main/webapp/WEB-INF/web.xml
    geronimo/server/branches/2.1/plugins/console/console-tomcat/src/main/plan/plan.xml
    geronimo/server/branches/2.1/plugins/monitoring/mconsole-jetty/src/main/plan/plan.xml   (contents, props changed)
    geronimo/server/branches/2.1/plugins/monitoring/mconsole-tomcat/src/main/plan/plan.xml   (contents, props changed)
    geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/java/org/apache/geronimo/monitoring/console/MRCConnector.java
    geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringGraphs.jsp   (contents, props changed)
    geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringNormal.jsp
    geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringPage.jsp
    geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringServers.jsp
    geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringViewServer.jsp
    geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringViews.jsp   (contents, props changed)
    geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/web.xml

Modified: geronimo/server/branches/2.1/framework/configs/server-security-config/src/main/resources/security/groups.properties
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/framework/configs/server-security-config/src/main/resources/security/groups.properties?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/framework/configs/server-security-config/src/main/resources/security/groups.properties (original)
+++ geronimo/server/branches/2.1/framework/configs/server-security-config/src/main/resources/security/groups.properties Tue Sep 22 07:32:31 2009
@@ -15,3 +15,4 @@
 #  limitations under the License.
 #=====================================================================
 admin=system
+monitor=monitor

Modified: geronimo/server/branches/2.1/framework/configs/server-security-config/src/main/resources/security/users.properties
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/framework/configs/server-security-config/src/main/resources/security/users.properties?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/framework/configs/server-security-config/src/main/resources/security/users.properties (original)
+++ geronimo/server/branches/2.1/framework/configs/server-security-config/src/main/resources/security/users.properties Tue Sep 22 07:32:31 2009
@@ -15,3 +15,4 @@
 #  limitations under the License.
 #=====================================================================
 system=manager
+monitor=password

Modified: geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/pom.xml
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/pom.xml?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/pom.xml (original)
+++ geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/pom.xml Tue Sep 22 07:32:31 2009
@@ -46,7 +46,13 @@
             <artifactId>geronimo-system</artifactId>
             <version>${version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.apache.geronimo.framework</groupId>
+            <artifactId>geronimo-security</artifactId>
+            <version>${version}</version>
+        </dependency>
     </dependencies>
     
 </project>
 
+

Modified: geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/src/main/java/org/apache/geronimo/jmxremoting/Authenticator.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/src/main/java/org/apache/geronimo/jmxremoting/Authenticator.java?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/src/main/java/org/apache/geronimo/jmxremoting/Authenticator.java (original)
+++ geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/src/main/java/org/apache/geronimo/jmxremoting/Authenticator.java Tue Sep 22 07:32:31 2009
@@ -16,17 +16,20 @@
  */
 package org.apache.geronimo.jmxremoting;
 
-import java.util.Map;
 import java.util.Collections;
 import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+import javax.management.Notification;
+import javax.management.NotificationListener;
 import javax.management.remote.JMXAuthenticator;
 import javax.management.remote.JMXConnectionNotification;
-import javax.management.NotificationListener;
-import javax.management.Notification;
 import javax.security.auth.Subject;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 
+import org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal;
 /**
  * JMX Authenticator that checks the Credentials by logging in via JAAS.
  *
@@ -67,6 +70,18 @@
             LoginContext context = new LoginContext(configName, credentials);
             context.login();
             threadContext.set(context);
+            Subject sub = context.getSubject();
+            Set<GeronimoGroupPrincipal> pricipalsGroup = sub.getPrincipals(GeronimoGroupPrincipal.class);
+            boolean isInAdminGroup = false;
+            for (GeronimoGroupPrincipal principal : pricipalsGroup) {
+                if (principal.getName().equals("admin")) {
+                    isInAdminGroup = true;
+                    break;
+                }
+            }
+            if(!isInAdminGroup){
+                throw new LoginException("Only users in admin group are allowed");
+            }
             return context.getSubject();
         } catch (LoginException e) {
             // do not propogate cause - we don't know what information is may contain

Modified: geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/src/test/java/org/apache/geronimo/jmxremoting/AuthenticatorTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/src/test/java/org/apache/geronimo/jmxremoting/AuthenticatorTest.java?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/src/test/java/org/apache/geronimo/jmxremoting/AuthenticatorTest.java (original)
+++ geronimo/server/branches/2.1/framework/modules/geronimo-jmx-remoting/src/test/java/org/apache/geronimo/jmxremoting/AuthenticatorTest.java Tue Sep 22 07:32:31 2009
@@ -18,8 +18,10 @@
 
 import java.security.Principal;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
+
 import javax.security.auth.Subject;
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
@@ -28,12 +30,14 @@
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.login.AppConfigurationEntry;
 import javax.security.auth.login.Configuration;
-import javax.security.auth.login.LoginException;
 import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 
 import junit.framework.TestCase;
 
+import org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal;
+
 /**
  * 
  * 
@@ -43,6 +47,9 @@
     private static final String CONFIG_NAME = "testConfig";
     private Configuration oldConfiguration;
     private Authenticator authenticator;
+    public void testMonitorGroupLogin() throws Exception {
+        testFailure("monitor", "monitor");
+    }
 
     public void testLogin() {
         try {
@@ -137,6 +144,16 @@
         private CallbackHandler handler;
         private Map options;
         private String username;
+        private static Map<String, Set<String>> userGroupsMap = new HashMap<String, Set<String>>();
+        static {
+            Set<String> systemGroupsSet = new HashSet<String>();
+            systemGroupsSet.add("admin");
+            systemGroupsSet.add("monitor");
+            userGroupsMap.put("system", systemGroupsSet);
+            Set<String> monitorGroupsSet = new HashSet<String>();
+            monitorGroupsSet.add("monitor");
+            userGroupsMap.put("monitor", monitorGroupsSet);
+        }
 
         public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
             this.subject = subject;
@@ -167,6 +184,10 @@
 
         public boolean commit() throws LoginException {
             subject.getPrincipals().add(new MockPrincipal(username));
+            for (String groupName : userGroupsMap.get(username)) {
+                subject.getPrincipals().add(
+                        new GeronimoGroupPrincipal(groupName));
+            }
             return true;
         }
 

Modified: geronimo/server/branches/2.1/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/welcome/welcomeNormal.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/welcome/welcomeNormal.jsp?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/welcome/welcomeNormal.jsp (original)
+++ geronimo/server/branches/2.1/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/welcome/welcomeNormal.jsp Tue Sep 22 07:32:31 2009
@@ -56,6 +56,7 @@
 
         <!-- Geronimo Links -->
         <td valign="top">
+        <%if(request.isUserInRole("admin")){ %>
 
             <table width="100%" border="1" cellspacing="0" cellpadding="3" bordercolor="#000000">
                 <tr>
@@ -73,6 +74,7 @@
                     </td>
                 </tr>
             </table>
+        <%} %>
 
             <br />
             <br />

Modified: geronimo/server/branches/2.1/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/web.xml?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/web.xml (original)
+++ geronimo/server/branches/2.1/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/web.xml Tue Sep 22 07:32:31 2009
@@ -373,6 +373,7 @@
         </web-resource-collection>
         <auth-constraint>
             <role-name>admin</role-name>
+             <role-name>monitor</role-name>
         </auth-constraint>
     </security-constraint>
     <login-config>
@@ -382,6 +383,9 @@
     <security-role>
         <role-name>admin</role-name>
     </security-role>
+        <security-role>
+        <role-name>monitor</role-name>
+    </security-role>
 
     <!--
     For security reasons requests to the dwr servlet go through

Modified: geronimo/server/branches/2.1/plugins/console/console-jetty/src/main/plan/plan.xml
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/console/console-jetty/src/main/plan/plan.xml?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/console/console-jetty/src/main/plan/plan.xml (original)
+++ geronimo/server/branches/2.1/plugins/console/console-jetty/src/main/plan/plan.xml Tue Sep 22 07:32:31 2009
@@ -232,6 +232,9 @@
             <role role-name="admin">
                 <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" />
             </role>
+            <role role-name="monitor">
+                <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="monitor" />
+            </role>
         </role-mappings>
     </security>
 

Modified: geronimo/server/branches/2.1/plugins/console/console-portal-driver/src/main/webapp/WEB-INF/themes/navigation.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/console/console-portal-driver/src/main/webapp/WEB-INF/themes/navigation.jsp?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/console/console-portal-driver/src/main/webapp/WEB-INF/themes/navigation.jsp (original)
+++ geronimo/server/branches/2.1/plugins/console/console-portal-driver/src/main/webapp/WEB-INF/themes/navigation.jsp Tue Sep 22 07:32:31 2009
@@ -113,6 +113,8 @@
     for(int i=0;i<catNames_len;i++){
         String catName = catNames.get(i);
         pageContext.setAttribute("catName",catName);
+        if(request.isUserInRole("admin")||
+                (request.isUserInRole("monitor") &&catName.equals("Server"))){
         %>
         <tr><td><div class="Selection">
             <table width="100%" border="0" cellpadding="1" cellspacing="0">
@@ -127,6 +129,7 @@
             </table>
         </div></td></tr>
         <%
+        }
         ArrayList<PageConfig> list = categories.get(catName);
         int list_len = list.size();
         for(int k=0;k<list_len;k++){
@@ -134,6 +137,12 @@
             PageConfig pageConfig = list.get(k);
             pageContext.setAttribute("page",pageConfig);
             pageName = shortNames.get(pageConfig.getName());
+
+            if(request.isUserInRole("admin")||
+                (request.isUserInRole("monitor") &&(pageName.equals("Information")
+                                                 ||pageName.equals("Java System Info")
+                                                 ||pageName.equals("Thread Pools")
+                                                 ||pageName.equals("Monitoring")))){
             String icon = pageConfig.getIcon();
             if (icon == null || icon.trim().length() == 0) {
                icon = "/images/ico_doc_16x16.gif";
@@ -158,6 +167,7 @@
                 </table>
             </div></td></tr>
             <%
+            }
         }
     }
 %>
@@ -171,3 +181,4 @@
     </table></div></td></tr>
 </table>
 
+

Modified: geronimo/server/branches/2.1/plugins/console/console-portal-driver/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/console/console-portal-driver/src/main/webapp/WEB-INF/web.xml?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/console/console-portal-driver/src/main/webapp/WEB-INF/web.xml (original)
+++ geronimo/server/branches/2.1/plugins/console/console-portal-driver/src/main/webapp/WEB-INF/web.xml Tue Sep 22 07:32:31 2009
@@ -229,12 +229,39 @@
     </web-resource-collection>
     <auth-constraint>
       <role-name>admin</role-name>
+      <role-name>monitor</role-name>
     </auth-constraint>
     <user-data-constraint>
       <transport-guarantee>CONFIDENTIAL</transport-guarantee>
     </user-data-constraint>
   </security-constraint>
-
+  
+    <security-constraint>
+    <web-resource-collection>
+      <web-resource-name>console monitor</web-resource-name>
+      <url-pattern>/portal</url-pattern>
+      <url-pattern>/portal/Welcome</url-pattern>
+      <url-pattern>/portal/Welcome/*</url-pattern>
+      <url-pattern>/portal/Server/Information</url-pattern>
+      <url-pattern>/portal/Server/Information/*</url-pattern>
+      <url-pattern>/portal/Server/Java System Info</url-pattern>
+      <url-pattern>/portal/Server/Java System Info/*</url-pattern>
+      <url-pattern>/portal/Server/Thread Pools</url-pattern>
+      <url-pattern>/portal/Server/Thread Pools/*</url-pattern>
+      <url-pattern>/portal/Server/Monitoring</url-pattern>
+      <url-pattern>/portal/Server/Monitoring/*</url-pattern>
+      <url-pattern>/forwards/*</url-pattern>
+      <url-pattern>/dwr/*</url-pattern>
+      <http-method>GET</http-method>
+      <http-method>POST</http-method>
+      <http-method>PUT</http-method>
+    </web-resource-collection>
+    <auth-constraint>
+      <role-name>monitor</role-name>
+      <role-name>admin</role-name>
+    </auth-constraint>
+  </security-constraint>
+  
   <security-constraint>
     <web-resource-collection>
       <web-resource-name>console</web-resource-name>
@@ -253,6 +280,8 @@
       <role-name>admin</role-name>
     </auth-constraint>
   </security-constraint>
+  
+
 
   <login-config>
     <auth-method>FORM</auth-method>
@@ -266,6 +295,9 @@
   <security-role>
     <role-name>admin</role-name>
   </security-role>
-
+  <security-role>
+    <role-name>monitor</role-name>
+  </security-role>
 </web-app>
 
+

Modified: geronimo/server/branches/2.1/plugins/console/console-tomcat/src/main/plan/plan.xml
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/console/console-tomcat/src/main/plan/plan.xml?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/console/console-tomcat/src/main/plan/plan.xml (original)
+++ geronimo/server/branches/2.1/plugins/console/console-tomcat/src/main/plan/plan.xml Tue Sep 22 07:32:31 2009
@@ -233,6 +233,9 @@
             <role role-name="admin">
                 <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" />
             </role>
+            <role role-name="monitor">
+                <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="monitor" />
+            </role>
         </role-mappings>
     </security>
 

Modified: geronimo/server/branches/2.1/plugins/monitoring/mconsole-jetty/src/main/plan/plan.xml
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/monitoring/mconsole-jetty/src/main/plan/plan.xml?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/monitoring/mconsole-jetty/src/main/plan/plan.xml (original)
+++ geronimo/server/branches/2.1/plugins/monitoring/mconsole-jetty/src/main/plan/plan.xml Tue Sep 22 07:32:31 2009
@@ -47,5 +47,17 @@
             <name>PlutoPortalServices</name>
         </reference>
     </gbean>
+    <security-realm-name>geronimo_admin</security-realm-name>
+    
+    <security xmlns="http://geronimo.apache.org/xml/ns/security-1.2">
+        <role-mappings>
+            <role role-name="admin">
+                <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" />
+            </role>
+            <role role-name="monitor">
+                <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="monitor" />
+            </role>
+        </role-mappings>
+    </security>
 
 </web-app>

Propchange: geronimo/server/branches/2.1/plugins/monitoring/mconsole-jetty/src/main/plan/plan.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: geronimo/server/branches/2.1/plugins/monitoring/mconsole-tomcat/src/main/plan/plan.xml
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/monitoring/mconsole-tomcat/src/main/plan/plan.xml?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/monitoring/mconsole-tomcat/src/main/plan/plan.xml (original)
+++ geronimo/server/branches/2.1/plugins/monitoring/mconsole-tomcat/src/main/plan/plan.xml Tue Sep 22 07:32:31 2009
@@ -47,5 +47,17 @@
             <name>PlutoPortalServices</name>
         </reference>
     </gbean>
-
+    <security-realm-name>geronimo_admin</security-realm-name>
+    
+    <security xmlns="http://geronimo.apache.org/xml/ns/security-1.2">
+        <role-mappings>
+            <role role-name="admin">
+                <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" />
+            </role>
+            <role role-name="monitor">
+                <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="monitor" />
+            </role>
+        </role-mappings>
+    </security>
 </web-app>
+ 

Propchange: geronimo/server/branches/2.1/plugins/monitoring/mconsole-tomcat/src/main/plan/plan.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/java/org/apache/geronimo/monitoring/console/MRCConnector.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/java/org/apache/geronimo/monitoring/console/MRCConnector.java?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/java/org/apache/geronimo/monitoring/console/MRCConnector.java (original)
+++ geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/java/org/apache/geronimo/monitoring/console/MRCConnector.java Tue Sep 22 07:32:31 2009
@@ -17,6 +17,7 @@
 package org.apache.geronimo.monitoring.console;
 
 import java.io.IOException;
+import java.net.InetAddress;
 import java.sql.Connection;
 import java.sql.Statement;
 import java.text.Format;
@@ -39,9 +40,11 @@
 import javax.naming.Context;
 import javax.naming.InitialContext;
 
+import org.apache.geronimo.console.util.PortletManager;
 import org.apache.geronimo.crypto.EncryptionManager;
 import org.apache.geronimo.monitoring.MasterRemoteControlRemote;
 import org.apache.geronimo.monitoring.console.util.DBManager;
+import org.apache.geronimo.system.jmx.RealMBeanServerReference;
 
 public class MRCConnector {
 
@@ -94,6 +97,12 @@
 
         } else {
             try {
+                InetAddress host = InetAddress.getLocalHost();//maybe throw a UnknownHostException 
+                if (ip.equals("localhost") || ip.equals(host.getHostAddress())
+                                            || ip.equals(host.getHostName())
+                                            ||ip.equals("127.0.0.1")) {
+                    mbServerConn = ((RealMBeanServerReference)PortletManager.getKernel().getGBean("MBeanServerReference")).getMBeanServer();
+                } else {
                 JMXServiceURL serviceURL = new JMXServiceURL(
                         "service:jmx:rmi:///jndi/rmi://" + ip + ":" + port
                                 + "/JMXConnector");
@@ -105,6 +114,7 @@
                 connector = JMXConnectorFactory.connect(
                         serviceURL, env);
                 mbServerConn = connector.getMBeanServerConnection();
+                }
 
                 // retrieve the mbean name to the agent-car-jmx plugin 
                 if(PATH == null) {

Modified: geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringGraphs.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringGraphs.jsp?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringGraphs.jsp (original)
+++ geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringGraphs.jsp Tue Sep 22 07:32:31 2009
@@ -126,8 +126,9 @@
   	<td class="${backgroundClass}" width="20%" align="center"><a href="<portlet:actionURL portletMode="view"><portlet:param name="action" value="showServer" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><%=server_name%></a></td>
   	<td class="${backgroundClass}" width="15%" align="center"><%=timeframe%></td>
   	<td class="${backgroundClass}" width="20%" align="center"><%=dataname1%><%if (operation != null && !operation.equals("null")){%><%=operation%><%}%><%if (dataname2 != null && !dataname2.equals("null")){%><%=dataname2%><%}%></td>
+       <%if(request.isUserInRole("admin")){ %>
   	<td class="${backgroundClass}" width="15%" align="center"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showEditGraph" /><portlet:param name="graph_id" value="<%=graph_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/edit-b.png"><fmt:message key="monitor.common.edit"/></a></td>
-<%} 
+<%} }
 else
 {
 	%>
@@ -135,16 +136,18 @@
   	<td class="${backgroundClass}" width="20%" align="center"><%=server_name%></td>
   	<td class="${backgroundClass}" width="15%" align="center"><%=timeframe%></td>
   	<td class="${backgroundClass}" width="20%" align="center"><%=dataname1%><%if (operation != null && !operation.equals("null")){%><%=operation%><%}%><%if (dataname2 != null && !dataname2.equals("null")){%><%=dataname2%><%}%></td>
+       <%if(request.isUserInRole("admin")){ %>
   	<td class="${backgroundClass}" width="15%" align="center"><img
 					border=0 src="/monitoring/images/edit-b.png"><fmt:message key="monitor.common.edit"/></td>
-	<%
+    <%}
 }%>
  </tr>
  <%}
 %>
 </table>
+ <%if(request.isUserInRole("admin")){ %>
 <div align="right"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showAddGraph" /></portlet:actionURL>"><img border=0 src="/monitoring/images/max-b.png"><fmt:message key="monitor.graph.addGraph"/></a></div>
-<%
+<%}
  // close connection
  con.close();
 %>

Propchange: geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringGraphs.jsp
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringNormal.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringNormal.jsp?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringNormal.jsp (original)
+++ geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringNormal.jsp Tue Sep 22 07:32:31 2009
@@ -27,6 +27,7 @@
 <%@ page import="java.sql.SQLException" %>
 <%@ page import="org.apache.geronimo.monitoring.console.MRCConnector" %>
 <%@ page import="org.apache.geronimo.monitoring.console.util.*" %>
+<%@ page import="javax.portlet.PortletRequest" %>
 <fmt:setBundle basename="monitor-portlet"/>
 <portlet:defineObjects/>
 <script type = "text/javascript">
@@ -74,14 +75,18 @@
   <td class="${backgroundClass}" width="10%" align="center"><%=rs.getString("graph_count")%></td>
   <td class="${backgroundClass}" width="15%" align="center"><%=rs.getString("added").substring(0,16)%></td>
   <td class="${backgroundClass}" width="15%" align="center"><%=rs.getString("modified").substring(0,16)%></td>
+  <%if(request.isUserInRole("admin")){ %>
   <td class="${backgroundClass}" width="15%" align="center"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showEditView" /><portlet:param name="view_id" value='<%=rs.getString("view_id")%>' /></portlet:actionURL>"><img border=0 src="/monitoring/images/edit-b.png"><fmt:message key="monitor.common.edit"/></a></td>
+  <%} %>
  </tr>
  <%
  }
  rs.close();
  %>
 </table>
+<% if (request.isUserInRole("admin")) {%>
 <div align="right"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showAddView" /></portlet:actionURL>"><img border=0 src="/monitoring/images/max-b.png"><fmt:message key="monitor.view.create"/></a></div>
+<% }%>
 <table width="100%" style="border-style: solid;
 border-width: 1px;">
  <thead align="center"><strong><fmt:message key="monitor.common.server"/></strong></thead>
@@ -198,68 +203,81 @@
     <td class="${backgroundClass}" width="15%" align="center"><font color="red">(<fmt:message key="monitor.server.stopped"/>)</font></td>
 <%
     if(enabled) {   // enable the links
+        if(request.isUserInRole("admin")){
 %>
         <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="view"><portlet:param name="action" value="startThread" /><portlet:param name="server_id" value="<%=server_id%>" /><portlet:param name="snapshotDuration" value="<%=java.lang.Long.toString(snapshotDuration)%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/max-b.png"><fmt:message key="monitor.server.enableQuery"/></a></td>
-<%
+<%        }//end admin
     } else {        // do not provide links
+        if(request.isUserInRole("admin")){
 %>
         <td class="${backgroundClass}" width="10%" align="center"><img border=0 src="/monitoring/images/max-b.png"><fmt:message key="monitor.server.enableQuery"/></td>
-<%
+<%        }//end admin
     }
+if(request.isUserInRole("admin")){
 %>
   <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showEditServer" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/edit-b.png"><fmt:message key="monitor.common.edit"/></a></td>
 <%
+}//end admin
 }
 else if (collecting == -1) {  // not collecting statistics
     %>
         <td class="${backgroundClass}" width="15%" align="center"><font color="red"><fmt:message key="monitor.server.stopping"/></font></td>
     <%
         if(enabled) {   // enable the links
+            if(request.isUserInRole("admin")){
     %>
             <td class="${backgroundClass}" width="10%" align="center"><img border=0 src="/monitoring/images/close-b.png"><fmt:message key="monitor.server.disableQuery"/></td>
-    <%
+    <%        }//end admin
         } else {        // do not provide links
+            if(request.isUserInRole("admin")){
     %>
             <td class="${backgroundClass}" width="10%" align="center"><img border=0 src="/monitoring/images/close-b.png"><fmt:message key="monitor.server.disableQuery"/></td>
-    <%
+    <%        }//end admin
         }
+            if(request.isUserInRole("admin")){
     %>
       <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showEditServer" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/edit-b.png"><fmt:message key="monitor.common.edit"/></a></td>
-    <%
+    <%    }//end admin
     }
 else {            // collecting statistics
     if (enabled)
     {
 %>
   <td class="${backgroundClass}" width="15%" align="center"><%=snapshotDuration/1000/60%> <fmt:message key="monitor.common.min"/> (<fmt:message key="monitor.server.run"/>)</td>
+  <%if(request.isUserInRole("admin")){ %>
   <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="view"><portlet:param name="action" value="stopThread" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/close-b.png"><fmt:message key="monitor.server.disableQuery"/></a></td>
   <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showEditServer" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/edit-b.png"><fmt:message key="monitor.common.edit"/></a></td>
-<%
+<%}//end admin
     }
     else
     {
         %>
         <td class="${backgroundClass}" width="15%" align="center"><fmt:message key="monitor.server.stopped"/></td>
+        <%if(request.isUserInRole("admin")){ %>
         <td class="${backgroundClass}" width="10%" align="center"><img border=0 src="/monitoring/images/close-b.png"><fmt:message key="monitor.server.disableQuery"/></td>
         <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showEditServer" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/edit-b.png"><fmt:message key="monitor.common.edit"/></a></td>
-      <%        
+      <%    }//end admin   
     }
 }
 if(enabled) {   // enabled server
+    if(request.isUserInRole("admin")){
 %>
   <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="view"><portlet:param name="action" value="disableServer" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/close-b.png"><fmt:message key="monitor.server.disable"/></a></td>
-<%
+<%}
 } else {        // disabled server
+    if(request.isUserInRole("admin")){
 %>
   <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="view"><portlet:param name="action" value="enableServer" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/max-b.png"><fmt:message key="monitor.server.enable"/></a></td>
-<%
+<%}
 }
 %>
  </tr>
  <%}
 %>
 </table>
+<% if (!request.isUserInRole("monitor")) {%>
 <div align="right"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showAddServer" /></portlet:actionURL>"><img border=0 src="/monitoring/images/max-b.png"><fmt:message key="monitor.server.addServer"/></a></div>
+<%} %>
 <table width="100%" style="border-style: solid;
 border-width: 1px;">
  <thead align="center"><strong><fmt:message key="monitor.common.graph"/></strong></thead>
@@ -343,8 +361,9 @@
   	<td class="${backgroundClass}" width="20%" align="center"><a href="<portlet:actionURL portletMode="view"><portlet:param name="action" value="showServer" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><%=server_name%></a></td>
   	<td class="${backgroundClass}" width="15%" align="center"><%=timeframe%></td>
   	<td class="${backgroundClass}" width="20%" align="center"><%=dataname1%><%if (operation != null && !operation.equals("null")){%><%=operation%><%}%><%if (dataname2 != null && !dataname2.equals("null")){%><%=dataname2%><%}%></td>
+      <%if(request.isUserInRole("admin")){ %>
   	<td class="${backgroundClass}" width="15%" align="center"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showEditGraph" /><portlet:param name="graph_id" value="<%=graph_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/edit-b.png"><fmt:message key="monitor.common.edit"/></a></td>
-<%} 
+<%} }
 else
 {
 	%>
@@ -352,11 +371,14 @@
   	<td class="${backgroundClass}" width="20%" align="center"><%=server_name%></td>
   	<td class="${backgroundClass}" width="15%" align="center"><%=timeframe%></td>
   	<td class="${backgroundClass}" width="20%" align="center"><%=dataname1%><%if (operation != null && !operation.equals("null")){%><%=operation%><%}%><%if (dataname2 != null && !dataname2.equals("null")){%><%=dataname2%><%}%></td>
+      <%if(request.isUserInRole("admin")){ %>
   	<td class="${backgroundClass}" width="15%" align="center"><img border=0 src="/monitoring/images/edit-b.png"><fmt:message key="monitor.common.edit"/></td>
-	<%
+    <% } %><%
 }%>
  </tr>
  <%}
 %>
 </table>
+<% if (request.isUserInRole("admin")) {%>
 <div align="right"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showAddGraph" /></portlet:actionURL>"><img border=0 src="/monitoring/images/max-b.png"><fmt:message key="monitor.graph.addGraph"/></a></div>
+<%}%>

Modified: geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringPage.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringPage.jsp?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringPage.jsp (original)
+++ geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringPage.jsp Tue Sep 22 07:32:31 2009
@@ -171,6 +171,7 @@
             </table>
             <br>
             <br>
+            <%if(request.isUserInRole("admin")){ %>
             <table width="100%" style="border-bottom: 1px solid #2581c7;" cellspacing="1" cellpadding="1">
                 <tr>
                     <td class="DarkBackground" align="left" nowrap>
@@ -189,6 +190,7 @@
                     </td>   
                 </tr>
             </table>
+            <%} %>
 
         </td>        
     </tr>

Modified: geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringServers.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringServers.jsp?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringServers.jsp (original)
+++ geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringServers.jsp Tue Sep 22 07:32:31 2009
@@ -155,69 +155,80 @@
     <td class="${backgroundClass}" width="15%" align="center"><font color="red">(<fmt:message key="monitor.server.stopped"/>)</font></td>
 <%
     if(enabled) {   // enable the links
+        if(request.isUserInRole("admin")){
 %>
         <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="view"><portlet:param name="action" value="startThread" /><portlet:param name="server_id" value="<%=server_id%>" /><portlet:param name="snapshotDuration" value="<%=java.lang.Long.toString(snapshotDuration)%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/max-b.png"><fmt:message key="monitor.server.enableQuery"/></a></td>
-<%
+<%        }//end admin
     } else {        // do not provide links
+        if(request.isUserInRole("admin")){
 %>
         <td class="${backgroundClass}" width="10%" align="center"><img border=0 src="/monitoring/images/max-b.png"><fmt:message key="monitor.server.enableQuery"/></td>
-<%
+<%        }//end admin
     }
+if(request.isUserInRole("admin")){
 %>
   <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showEditServer" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/edit-b.png"><fmt:message key="monitor.common.edit"/></a></td>
-<%
+<%}//end admin
 } 
 else if (collecting == -1) {  // not collecting statistics
     %>
         <td class="${backgroundClass}" width="15%" align="center"><font color="red"><fmt:message key="monitor.server.stopping"/></font></td>
     <%
         if(enabled) {   // enable the links
+            if(request.isUserInRole("admin")){
     %>
             <td class="${backgroundClass}" width="10%" align="center"><img border=0 src="/monitoring/images/close-b.png"><fmt:message key="monitor.server.disableQuery"/></td>
-    <%
+    <%    }//end admin
         } else {        // do not provide links
+            if(request.isUserInRole("admin")){
     %>
             <td class="${backgroundClass}" width="10%" align="center"><img border=0 src="/monitoring/images/max-b.png"><fmt:message key="monitor.server.enableQuery"/></td>
-    <%
+    <%        }//end admin
         }
+    if(request.isUserInRole("admin")){
     %>
       <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showEditServer" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/edit-b.png"><fmt:message key="monitor.common.edit"/></a></td>
-    <%
+    <%}//end admin
     }
 else {            // collecting statistics
     if (enabled)
     {
 %>
   <td class="${backgroundClass}" width="15%" align="center"><%=snapshotDuration/1000/60%> <fmt:message key="monitor.common.min"/> (<fmt:message key="monitor.server.run"/>)</td>
+  <%if(request.isUserInRole("admin")){ %>
   <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="view"><portlet:param name="action" value="stopThread" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/close-b.png"><fmt:message key="monitor.server.disableQuery"/></a></td>
   <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showEditServer" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/edit-b.png"><fmt:message key="monitor.common.edit"/></a></td>
-<%
+<%}//end admin
     }
     else
     {
         %>
         <td class="${backgroundClass}" width="15%" align="center"><fmt:message key="monitor.server.stopped"/></td>
+        <%if(request.isUserInRole("admin")){ %>
         <td class="${backgroundClass}" width="10%" align="center"><img border=0 src="/monitoring/images/close-b.png"><fmt:message key="monitor.server.disableQuery"/></td>
         <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showEditServer" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/edit-b.png"><fmt:message key="monitor.common.edit"/></a></td>
-      <%        
+      <%   }//end admin     
     }
 }
 if(enabled) {   // enabled server
+    if(request.isUserInRole("admin")){
 %>
   <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="view"><portlet:param name="action" value="disableServer" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/close-b.png"><fmt:message key="monitor.server.disable"/></a></td>
-<%
+<%}//end admin
 } else {        // disabled server
+    if(request.isUserInRole("admin")){
 %>
   <td class="${backgroundClass}" width="10%" align="center"><a href="<portlet:actionURL portletMode="view"><portlet:param name="action" value="enableServer" /><portlet:param name="server_id" value="<%=server_id%>" /></portlet:actionURL>"><img border=0 src="/monitoring/images/max-b.png"><fmt:message key="monitor.server.enable"/></a></td>
-<%
+<%}//end admin
 }
 %>
  </tr>
  <%}
 %>
 </table>
+<%if(request.isUserInRole("admin")){ %>
 <div align="right"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showAddServer" /></portlet:actionURL>"><img border=0 src="/monitoring/images/max-b.png"><fmt:message key="monitor.server.addServer"/></a></div>
-<%
+<%}
  // close connection
  con.close();
 %>

Modified: geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringViewServer.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringViewServer.jsp?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringViewServer.jsp (original)
+++ geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringViewServer.jsp Tue Sep 22 07:32:31 2009
@@ -222,8 +222,11 @@
                     {
                         String dataName = itt.next().toString();
                 %>
+                <%if(request.isUserInRole("admin")){ %>
                         <tr><td><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showAddGraph" /><portlet:param name="server_id" value="<%=server_id%>" /><portlet:param name="mbean" value="<%=trackedBeansMap.get(prettyBean)%>" /><portlet:param name="dataname" value="<%=dataName%>" /></portlet:actionURL>"><%=dataName%></a></td><td><%=beanStats.get(dataName) %></td></tr>
-                <%
+                <% }else{ %>
+                <tr><td><a><%=dataName%></a></td><td><%=beanStats.get(dataName) %></td></tr>
+                <%}//end request.isUserInRole
                     }
                 } else {
                 %>
@@ -282,6 +285,7 @@
             </table>
             <br>
             <br>            
+            <%if(request.isUserInRole("admin")){ %>       
             <table width="100%" style="border-bottom: 1px solid #2581c7;" cellspacing="1" cellpadding="1">
                 <tr>
                     <td class="DarkBackground" align="left" nowrap>
@@ -447,6 +451,7 @@
                         }
                         %>
             </table>
+         <% } //end admin%>
         </td>        
     </tr>
 </table>

Modified: geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringViews.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringViews.jsp?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringViews.jsp (original)
+++ geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringViews.jsp Tue Sep 22 07:32:31 2009
@@ -69,15 +69,18 @@
   <td class="${backgroundClass}" width="10%" align="center"><%=rs.getString("graph_count")%></td>
   <td class="${backgroundClass}" width="15%" align="center"><%=rs.getString("added").substring(0,16)%></td>
   <td class="${backgroundClass}" width="15%" align="center"><%=rs.getString("modified").substring(0,16)%></td>
+  <%if(request.isUserInRole("admin")){ %>
   <td class="${backgroundClass}" width="15%" align="center"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showEditView" /><portlet:param name="view_id" value='<%=rs.getString("view_id")%>' /></portlet:actionURL>"><img border=0 src="/monitoring/images/edit-b.png"><fmt:message key="monitor.common.edit"/></a></td>
+<%} %> 
  </tr>
  <%
  }
  rs.close();
  %>
 </table>
+<%if(request.isUserInRole("admin")){ %>
 <div align="right"><a href="<portlet:actionURL portletMode="edit"><portlet:param name="action" value="showAddView" /></portlet:actionURL>"><img border=0 src="/monitoring/images/max-b.png"><fmt:message key="monitor.view.create"/></a></div>
-<%
+<%}
  // close connection
  con.close();
 %>

Propchange: geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/view/monitoringViews.jsp
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/web.xml?rev=817521&r1=817520&r2=817521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/web.xml (original)
+++ geronimo/server/branches/2.1/plugins/monitoring/mconsole-war/src/main/webapp/WEB-INF/web.xml Tue Sep 22 07:32:31 2009
@@ -58,4 +58,10 @@
         <res-sharing-scope>Shareable</res-sharing-scope>
     </resource-ref>
     
+    <security-role>
+        <role-name>admin</role-name>
+    </security-role>
+    <security-role>
+        <role-name>monitor</role-name>
+    </security-role>
 </web-app>



Mime
View raw message