[
https://issues.apache.org/jira/browse/GERONIMO-2617?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David Jencks closed GERONIMO-2617.
----------------------------------
Resolution: Incomplete
Assignee: David Jencks
I can't tell well enough what you want here. I think you may want to implement
a custom jacc implementation. You might want something like triplesec. But
without much clearer goals we won't get too far.
> Custom Authorization
> --------------------
>
> Key: GERONIMO-2617
> URL: https://issues.apache.org/jira/browse/GERONIMO-2617
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: security
> Reporter: Diego L Espineira
> Assignee: David Jencks
>
> Apache Geronimo to enable the developer to implement custom and complex
> security models, such as role hierarchies and permission inheritance between
> roles. This can be accomplished by adding an optional parameter to the
> security realm options specifying some class to intercept and handle the
> authorization to EJBs, WebServices and web content (JSP, html etc) by
> applying custom and application specific authorization based on information
> stored in somewhere else (like a DBMS).
> This enables an application to allow its users to change the EJB methods and
> content permissions through the application itself. The authentication and
> authorization settings is widely wrongly assigned to deployment time, while
> it must be assigned much of it to run time.
> An example of this is the JBoss SX approach to this subject. An application
> security realm is configured to use an "authorization manager", which is a
> class that implements org.jboss.security.SecurityProxy. And it handles the
> requests to all the resources like EJBs.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
