11.11.2. Sensitivity Constraints Reference

Type: core

Classification: access-control
  • requires-addressable: true
  • requires-read: true
  • requires-write: true
    PATH attributes operations

    /core-service=management/access=authorization

    /subsystem=jmx

    non-core-mbean-sensitivity
Classification: credential
  • requires-addressable: false
  • requires-read: true
  • requires-write: true
    PATH attributes operations

    /subsystem=mail/mail-session=*/server=pop3

    username , password

    /subsystem=mail/mail-session=*/server=imap

    username, password

    /subsystem=datasources/xa-data-source=*

    user-name, recovery-username, password, recovery-password

    /subsystem=mail/mail-session=*/custom=*

    username, password

    /subsystem=datasources/data-source=*"

    user-name, password

    /subsystem=remoting/remote-outbound-connection=*"

    username

    /subsystem=mail/mail-session=*/server=smtp

    username , password

    /subsystem=web/connector=*/configuration=ssl

    key-alias, password

    /subsystem=resource-adapters/resource-adapter=*/connection-definitions=*"

    recovery-username, recovery-password
Classification: domain-controller
  • requires-addressable: false
  • requires-read: false
  • requires-write: true
    PATH attributes operations
Classification: domain-names
  • requires-addressable: false
  • requires-read: false
  • requires-write: true
    PATH attributes operations
Classification: extensions
  • requires-addressable: false
  • requires-read: false
  • requires-write: true
    PATH attributes operations

    /extension=*
Classification: jvm
  • requires-addressable: false
  • requires-read: false
  • requires-write: true
    PATH attributes operations

    /core-service=platform-mbean/type=runtime

    input-arguments, boot-class-path, class-path, boot-class-path-supported, library-path
Classification: management-interfaces
  • requires-addressable: false
  • requires-read: false
  • requires-write: true
    PATH attributes operations

    /core-service=management/management-interface=native-interface

    /core-service=management/management-interface=http-interface
Classification: module-loading
  • requires-addressable: false
  • requires-read: false
  • requires-write: true
    PATH attributes operations

    /core-service=module-loading
Classification: patching
  • requires-addressable: false
  • requires-read: false
  • requires-write: true
    PATH attributes operations

    /core-service=patching/addon=*

    /core-service=patching/layer=*"

    /core-service=patching
Classification: read-whole-config
  • requires-addressable: false
  • requires-read: true
  • requires-write: true
    PATH attributes operations

    /

    read-config-as-xml
Classification: security-domain
  • requires-addressable: true
  • requires-read: true
  • requires-write: true
    PATH attributes operations

    /subsystem=security/security-domain=*
Classification: security-domain-ref
  • requires-addressable: true
  • requires-read: true
  • requires-write: true
    PATH attributes operations

    /subsystem=datasources/xa-data-source=*

    security-domain

    /subsystem=datasources/data-source=*

    security-domain

    /subsystem=ejb3

    default-security-domain

    /subsystem=resource-adapters/resource-adapter=*/connection-definitions=*

    security-domain, recovery-security-domain, security-application, security-domain-and-application
Classification: security-realm
  • requires-addressable: true
  • requires-read: true
  • requires-write: true
    PATH attributes operations

    /core-service=management/security-realm=*
Classification: security-realm-ref
  • requires-addressable: true
  • requires-read: true
  • requires-write: true
    PATH attributes operations

    /subsystem=remoting/connector=*

    security-realm

    /core-service=management/management-interface=native-interface

    security-realm

    /core-service=management/management-interface=http-interface

    security-realm

    /subsystem=remoting/remote-outbound-connection=*

    security-realm
Classification: security-vault
  • requires-addressable: false
  • requires-read: false
  • requires-write: true
    PATH attributes operations

    /core-service=vault
Classification: service-container
  • requires-addressable: false
  • requires-read: false
  • requires-write: true
    PATH attributes operations

    /core-service=service-container
Classification: snapshots
  • requires-addressable: false
  • requires-read: false
  • requires-write: false
    PATH attributes operations

    /

    take-snapshot, list-snapshots, delete-snapshot
Classification: socket-binding-ref
  • requires-addressable: false
  • requires-read: false
  • requires-write: false
    PATH attributes operations

    /subsystem=mail/mail-session=*/server=pop3

    outbound-socket-binding-ref

    /subsystem=mail/mail-session=*/server=imap

    outbound-socket-binding-ref

    /subsystem=remoting/connector=*

    socket-binding

    /subsystem=web/connector=*

    socket-binding

    /subsystem=remoting/local-outbound-connection=*

    outbound-socket-binding-ref

    /socket-binding-group=*/local-destination-outbound-socket-binding=*

    socket-binding-ref

    /subsystem=remoting/remote-outbound-connection=*

    outbound-socket-binding-ref

    /subsystem=mail/mail-session=*/server=smtp

    outbound-socket-binding-ref

    /subsystem=transactions

    process-id-socket-binding, status-socket-binding, socket-binding
Classification: socket-config
  • requires-addressable: false
  • requires-read: false
  • requires-write: true
    PATH attributes operations

    /interface=*

    resolve-internet-address

    /core-service=management/management-interface=native-interface

    port, interface, socket-binding

    /socket-binding-group=*

    /core-service=management/management-interface=http-interface

    port, secure-port, interface, secure-socket-binding, socket-binding

    /

    resolve-internet-address

    /subsystem=transactions

    process-id-socket-max-ports
Classification: system-property
  • requires-addressable: false
  • requires-read: false
  • requires-write: true
    PATH attributes operations

    /core-service=platform-mbean/type=runtime

    system-properties

    /system-property=*

    /

    resolve-expression

Type: datasources

Classification: data-source-security
  • requires-addressable: false
  • requires-read: true
  • requires-write: true
    PATH attributes operations

    /subsystem=datasources/xa-data-source=*

    user-name, security-domain, password

    /subsystem=datasources/data-source=*

    user-name, security-domain, password

Type: jdr

Classification: jdr
  • requires-addressable: false
  • requires-read: false
  • requires-write: true
    PATH attributes operations

    /subsystem=jdr

    generate-jdr-report

Type: jmx

Classification: jmx
  • requires-addressable: false
  • requires-read: false
  • requires-write: true
    PATH attributes operations

    /subsystem=jmx

Type: mail

Classification: mail-server-security
  • requires-addressable: false
  • requires-read: false
  • requires-write: true
    PATH attributes operations

    /subsystem=mail/mail-session=*/server=pop3

    username, tls, ssl, password

    /subsystem=mail/mail-session=*/server=imap

    username, tls, ssl, password

    /subsystem=mail/mail-session=*/custom=*

    username, tls, ssl, password

    /subsystem=mail/mail-session=*/server=smtp

    username, tls, ssl, password

Type: naming

Classification: jndi-view
  • requires-addressable: false
  • requires-read: true
  • requires-write: true
    PATH attributes operations

    /subsystem=naming

    jndi-view
Classification: naming-binding
  • requires-addressable: false
  • requires-read: false
  • requires-write: false
    PATH attributes operations

    /subsystem=naming/binding=*

Type: remoting

Classification: remoting-security
  • requires-addressable: false
  • requires-read: true
  • requires-write: true
    PATH attributes operations

    /subsystem=remoting/connector=*

    authentication-provider, security-realm

    /subsystem=remoting/remote-outbound-connection=*

    username, security-realm

    /subsystem=remoting/connector=*/security=sasl

Type: resource-adapters

Classification: resource-adapter-security
  • requires-addressable: false
  • requires-read: true
  • requires-write: true
    PATH attributes operations

    /subsystem=resource-adapters/resource-adapter=*/connection-definitions=*

    security-domain, recovery-username, recovery-security-domain, security-application, security-domain-and-application, recovery-password

Type: security

Classification: misc-security
  • requires-addressable: false
  • requires-read: true
  • requires-write: true
    PATH attributes operations

    /subsystem=security

    deep-copy-subject-mode

Type: web

Classification: web-access-log
  • requires-addressable: false
  • requires-read: false
  • requires-write: false
    PATH attributes operations

    /subsystem=web/virtual-server=*/configuration=access-log
Classification: web-connector
  • requires-addressable: false
  • requires-read: false
  • requires-write: false
    PATH attributes operations

    /subsystem=web/connector=*
Classification: web-ssl
  • requires-addressable: false
  • requires-read: true
  • requires-write: true
    PATH attributes operations

    /subsystem=web/connector=*/configuration=ssl
Classification: web-sso
  • requires-addressable: false
  • requires-read: true
  • requires-write: true
    PATH attributes operations

    /subsystem=web/virtual-server=*/configuration=sso
Classification: web-valve
  • requires-addressable: false
  • requires-read: false
  • requires-write: false
    PATH attributes operations

    /subsystem=web/valve=*