Menu
▾
▴
[Jboss-dev-forums] [Design of Security on JBoss] - Re: Generalizing the JACC service
|
From: <sco...@jb...> - 2005-08-10 15:49:25
|
Yes, we do need the ability to configure the jacc modules per application. Part of this is a much better notion of correlating the jacc policy context id with a deployment. Today its based on the deployment jar, but there needs to be support for externalization of this id for easy correlation with the external security stores. We do need a coupling of the authentication and authorization layers through the authentication Subject. Today we do not support a notion of being able to authenticate, and using only the Subject, execute as the subject. It would require a custom login module that could validate that the doAs Subject is in fact one that has been authenticated, and still has a valid cache state. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3889286#3889286 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3889286 |
