Hi Leo, 2007/7/31, Leo Li <[EMAIL PROTECTED]>: > Hi, all > In JAAS, there is an additional jaas policy which can be set by " > java.security.auth.policy" policy as well as normal java security policy. > But I found that org.harmony.security.fortress.DefaultPolicyParser will not > treat with the jaas policy.
How did you came to such conclusion and what you meant exactly? The policy format is basically the same and DefaultPolicyParser is actually used by org.apache.harmony.auth.DefaultSubjectPolicy which is the default JAAS policy. But the policy itself indeed is used nowhere, AFAIK. Moreover, it is deprecated and it's use is not documented in API specifications. Probably it was intended to affect Subject.doAs[Privileged]() behaviour, so you can attempt blackbox testing to shed some light into this dark matter ;) -- Alexey > Have I missed something or is the function put in other classes? > > Thanks. > -- > Leo Li > China Software Development Lab, IBM >
