Hi Edward,
On Monday 11 December 2000 16:53, Kenworthy, Edward wrote:
> And finally, I think I've found the killer, in the JAAS documentation on
> the Sun site it describes the use of the PrincipalComparator class to
> handle role hierarchies,
Could you give the exact reference, please?
> e.g. a subject with the principal of Senior User
> Role can automatically pick up all the permissions of the User Role. I
> think that makes it clear that Principal == role and that the proper
> structure is:
>
> EdwardKenworthy(subject) a user on the jBoss Appserver
>
> |--------->EKPassword which is for the jBossAppserver (private credential)
> |
> |--------->FinancialAdvisor a role on the jBoss Appserver (principal)
> |
> |--------->SalesManager a role on the jBossAppserver (principal)
Even if Sun does recommend such use of JAAS, it doesn't fit the EJB security
model: getCallerPrincipal() must return the user name.
Oleg
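
Added illustration, not code from either poster, from JBoss or from Sun: a JAAS Subject built like the diagram above carries only role principals, so a container has nothing to return from getCallerPrincipal() until a separate user-name principal is added. The types `UserPrincipal` and `RolePrincipal` and the helper methods are hypothetical names for this sketch, and it assumes Java 16+ for records.

```java
import java.security.Principal;
import java.util.Set;
import javax.security.auth.Subject;

public class CallerPrincipalDemo {
    // Hypothetical principal types for this example; distinct classes let
    // the container tell "who the caller is" apart from "what roles it has".
    record UserPrincipal(String name) implements Principal {
        public String getName() { return name; }
    }
    record RolePrincipal(String name) implements Principal {
        public String getName() { return name; }
    }

    // What an EJB-style getCallerPrincipal() needs: exactly one user-name principal.
    static Principal callerPrincipal(Subject s) {
        Set<UserPrincipal> users = s.getPrincipals(UserPrincipal.class);
        if (users.size() != 1) {
            throw new IllegalStateException("expected 1 user principal, found " + users.size());
        }
        return users.iterator().next();
    }

    // What an EJB-style isCallerInRole(role) needs: a role principal of that name.
    static boolean callerInRole(Subject s, String role) {
        return s.getPrincipals(RolePrincipal.class).contains(new RolePrincipal(role));
    }

    public static void main(String[] args) {
        // Subject as in the diagram: two role principals and a private credential.
        Subject s = new Subject();
        s.getPrincipals().add(new RolePrincipal("FinancialAdvisor"));
        s.getPrincipals().add(new RolePrincipal("SalesManager"));
        s.getPrivateCredentials().add("EKPassword".toCharArray()); // constructed placeholder

        System.out.println("in role SalesManager: " + callerInRole(s, "SalesManager"));
        try {
            callerPrincipal(s); // fails: no principal in the Subject names the user
        } catch (IllegalStateException e) {
            System.out.println("caller name unavailable: " + e.getMessage());
        }

        // With a dedicated user-name principal both lookups can be answered.
        s.getPrincipals().add(new UserPrincipal("EdwardKenworthy"));
        System.out.println("caller: " + callerPrincipal(s).getName());
    }
}
```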