Why: twake-mail-admin is beautiful but dangerous. We wish to give only limited power for day-to-day operation in order to prevent incidents.
Non-goal: building complex rights validation logic onto James.
Ability to define bearer header:
- With no rights to do `DELETE`
- With only rights to do `GET`
In `webadmin.properties`:

```
# Everything
password=aaaa,bbbb
# Only GET
password.readonly=xxx
# No DELETE
password.nodelete=zzz,yyy
```
Implement validation in the password filter.
If any of the `password*` properties is specified, requests MUST be authenticated.
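
One way the check described above could be written, as an added sketch that is not James or Twake code. The class name `TieredPasswordCheck`, the `Decision` enum and the split between "unauthenticated" and "forbidden" outcomes are assumptions; only the three property names and the sample values come from the snippet above.

```java
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Properties;

// Hypothetical helper (not James code): maps a presented token to the tier
// configured in webadmin.properties and decides if the HTTP method may proceed.
public class TieredPasswordCheck {
    enum Decision { ALLOW, UNAUTHENTICATED, FORBIDDEN }

    private final Properties conf;

    TieredPasswordCheck(Properties conf) { this.conf = conf; }

    // Authentication becomes mandatory as soon as any password* property is set.
    boolean authenticationRequired() {
        return conf.stringPropertyNames().stream().anyMatch(k -> k.startsWith("password"));
    }

    // Constant-time comparison against every comma-separated value of one property.
    private boolean matches(String key, String token) {
        boolean found = false;
        for (String candidate : conf.getProperty(key, "").split(",")) {
            byte[] expected = candidate.trim().getBytes(StandardCharsets.UTF_8);
            found |= expected.length > 0
                && MessageDigest.isEqual(expected, token.getBytes(StandardCharsets.UTF_8));
        }
        return found;
    }

    Decision check(String method, String token) {
        if (!authenticationRequired()) return Decision.ALLOW;
        if (token == null || token.isEmpty()) return Decision.UNAUTHENTICATED;
        if (matches("password", token)) return Decision.ALLOW;
        if (matches("password.nodelete", token)) {
            return "DELETE".equalsIgnoreCase(method) ? Decision.FORBIDDEN : Decision.ALLOW;
        }
        if (matches("password.readonly", token)) {
            return "GET".equalsIgnoreCase(method) ? Decision.ALLOW : Decision.FORBIDDEN;
        }
        return Decision.UNAUTHENTICATED; // unknown token: fail closed
    }

    public static void main(String[] args) throws Exception {
        Properties conf = new Properties(); // values copied from the snippet above
        conf.load(new StringReader(
            "password=aaaa,bbbb\npassword.readonly=xxx\npassword.nodelete=zzz,yyy\n"));
        TieredPasswordCheck filter = new TieredPasswordCheck(conf);
        for (String[] c : new String[][] {{"DELETE", "aaaa"}, {"DELETE", "zzz"},
                {"PUT", "zzz"}, {"PUT", "xxx"}, {"GET", "xxx"}, {"GET", "nope"}}) {
            System.out.println(c[0] + " with " + c[1] + " -> " + filter.check(c[0], c[1]));
        }
    }
}
```

A property that is present but empty still counts as "specified" here, so a misconfigured `password=` line locks the API rather than opening it.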