> looks good. One question though - does AuthorizationManager > use the standard > Java2 permissions model?
Yes, well at least the initial implementation would - there could be others - as long as we use a proprietary api for abstraction. > -----Original Message----- > From: Peter Donald [mailto:[EMAIL PROTECTED]] > Sent: Monday, January 21, 2002 4:46 AM > To: Avalon Developers List > Subject: Re: AAA Security > > > On Mon, 21 Jan 2002 15:11, MCCAY,LARRY (HP-NewJersey,ex2) wrote: > > Attached is quite a busy collaboration diagram describing > the interaction > > of the potential players in the AAA implementation. > > looks good. One question though - does AuthorizationManager > use the standard > Java2 permissions model? > > > > A couple things that need to be determined - the client > facing api for: > > 1. Authentication > > a. JAAS client api > > b. proprietary api to abstract authentication > mechanism - > > including JAAS > > > > 2. Authorization > > a. J2SE authorization api's > > b. proprietary api to abstract implementation > > > > I am inclined to try and provide an abstraction through > proprietary api. > > > > With that said, I think that we need to assume the use of > the JAAS subject > > as a vehicle for identity and attribute principals and > credentials. The > > subject would follow the user through the request/session > through the use > > of Subject.doAs() and/or doAsPrivileged() - this basically > associates the > > subject with the current thread of execution. > > > > Using this mechanism, we have a standard vehicle to use as > a security > > context and a standard mechanism to acquire it from the > thread context - > > Subject.getSubject(). > > > > We are not obligated to use JAAS login modules or JAAS > policy as the only > > mechanisms for authentication and authorization. > > > > Any thoughts? > > Works for me. I am not real familiar with JAAS but if it is > useful to provide > an abstraction over the top then I am all for that ;) > > -- > Cheers, > > Pete > > The big mistake that men make is that when they turn thirteen > or fourteen and > all of a sudden they've reached puberty, they believe that > they like women. > Actually, you're just horny. It doesn't mean you like women > any more at > twenty-one than you did at ten. --Jules > Feiffer (cartoonist) > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
