commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Juozas Baliuka" <bali...@mwm.lt>
Subject Re: [simplestore] AccessControl
Date Wed, 20 Feb 2002 17:52:41 GMT
Hi,
Yes we it is better to use standard interfaces, we can use JAAS,
I am not sure, but it seems JAAS is added to JDK 1.4 and it is possible
to download it for JDK 1.3. It has configuration files,
plugable login modules , principals, groups ... , but I think we will need
it only
for authentication ( LoginContext, LoginModule, Subject ), authorization
must be more flexible.
we will need this logic :
 1. " Subject Has Permission on Class"
 2. " Subject Has Permission on Method"
 3. " Subject Has Permission on Object"
JAAS will not help for this authorization, it because we must grant some
permissions on
runtime.
Good examples for security (Authorization) design is jakarta-slide and
www.jboss.org

> Hi Jouzas,
> we talked about Security in the persistence classes
> some days ago (read and write access). How about
> using the java.security.acl interfaces for the
> implementation or do you tend towards something
> homegrown?
>
>   ~Gerhard
>
> "Eagles may soar, but weasels don't get
> sucked into jet engines.
> (Todd C. Somers)"
>
>
> --
> To unsubscribe, e-mail:
<mailto:commons-dev-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
<mailto:commons-dev-help@jakarta.apache.org>


--
To unsubscribe, e-mail:   <mailto:commons-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:commons-dev-help@jakarta.apache.org>


Mime
View raw message