MBeanServer Sensitivity Classifications

gistfile1.java

==== write methods ====
    ObjectInstance createMBean()
    public Object instantiate()
    public ObjectInstance registerMBean()
    public void setAttribute()
    public AttributeList setAttributes()
    public void unregisterMBean()

==== read methods ====
    public Object getAttribute()
    public AttributeList getAttributes()
    public void addNotificationListener()
    public void removeNotificationListener()
    //Make these SuperUser/Administrator only
    public ClassLoader getClassLoader(ObjectName loaderName)
    public ClassLoader getClassLoaderFor(ObjectName mbeanName)
    public ClassLoaderRepository getClassLoaderRepository() 
    public ObjectInputStream deserialize(ObjectName loaderName, …)

==== r/w depends on impact of method ====
    public Object invoke()

==== Not sure ====
    public String getDefaultDomain() {
    //These iterate over all the plugins and return counts/instances
    public String[] getDomains() {
    public Integer getMBeanCount() {
    public Set<ObjectInstance> queryMBeans(ObjectName name, QueryExp query) {
    public Set<ObjectName> queryNames(ObjectName name, QueryExp query) {
    //Should we be able to get the info/instances of mbeans we cannot ?
    public MBeanInfo getMBeanInfo(ObjectName name)
    private MBeanInfo getMBeanInfo(ObjectName name, boolean log, boolean nullIfNotFound)
    public ObjectInstance getObjectInstance(ObjectName name)
    public boolean isInstanceOf(ObjectName name, String className)
    public boolean isRegistered(ObjectName name) 

** If non-facade MBeans are sensitive
-Administrator and SuperUser can read/write to all of them
-Should other users even be aware of their existence?

**If non-facade MBeans are not sensitive
-Administrator, SuperUser, Operator, Maintainer can read/write to all of them
-Monitor, Auditor can read from all of them
-Should Deployer even be aware of their existence?