I like using the JAAS (Java Authentication and Authorization Service) at
least for authentication (the home page for JAAS is
http://developer.java.sun.com/developer/earlyAccess/jaas/index.html).
If I can use J2EE authorization I don't need much out of JAAS for
authorization but J2EE authorization is limited and many applications out in
the field can't conform. Here JAAS can be useful in developing some
customized authorization framework (e.g. permission-based or dynamic
role-based). Hopefully, future specs will give more options in the area of
declarative security (along the lines of a more general support like what
AspectJ would provide?).
>From: krithikav <[EMAIL PROTECTED]>
>Reply-To: krithikav <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Authentication and Authorization
>Date: Thu, 19 Jul 2001 14:48:25 +0530
>
>Hi,
>I am a novice to EJBs.But I have been give the task of implementing
>authentication and authorization using J2EE APIs in our application. Can
>anybody suggest some good article/website or any pointers in this
>regards.
>
>Thanks,
>Krithika
>
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
