Hi Scott

Uhm, I think you're missing the point. The various JAAS papers talk about
Principal both being a role AND a login. However in EJB-land a single login
can have many roles, so you can't just bundle the two together.

Edward

-----Original Message-----
From: Scott M Stark [mailto:[EMAIL PROTECTED]]
Sent: 14 December 2000 20:48
To: jBoss
Subject: Re: [jBoss-User] Security



----- Original Message ----- 
From: "Kenworthy, Edward" <[EMAIL PROTECTED]>
To: "'jBoss'" <[EMAIL PROTECTED]>
Sent: Monday, December 11, 2000 8:07 AM
Subject: RE: [jBoss-User] Security


> Sure, and here's some others as well:
> 
> 1) From the JAAS FAQ http://java.sun.com/security/jaas/faq.html
> 
> Q: Why doesn't the Subject class have explicit methods to support the
> notion of a Role?
> A: A role is a specific type of Principal. To act in a particular role, a
> Subject simply needs to authenticate and have a specific role Principal
> added to its Principal set.
> 
> However this
> 
> Q: Why are access controls Subject-based? Shouldn't they be based on the
> Credentials a Subject owns?
> A: Conventional access control architectures base authorization decisions
> on named Principals. Principals represent authenticated identities for a
> Subject, so it is natural to grant permissions to Principals.
> 
> from the same source seems to contradict it as it doesn't make sense for
> systems (like EJB app servers) where a person can be assigned multiple
> roles. (Just because I am a FinancialAdvisor and SalesManager surely
> doesn't mean I have to login twice and possibly have a separate pw for
> each!)
> 
I don't see these as contradictory statements. In both cases a Principal(s)
is what is important. It's up to the LoginModules used to authenticate a
Subject to assign the FinancialAdvisor & SalesManager roles to the Principal.
Under the covers multiple logins and passwords may in fact be necessary, but
a single sign-on view can be achieved by cooperation between the LoginModules.

> 2) Section 5.1 Principal Based Access Control and 5.2 Access Control
> Implementation of http://java.sun.com/security/jaas/doc/acsac.html
> 
> It's not entirely clear as they, weirdly, don't seem to have anticipated a
> single user (subject) logging onto a service (principal) with multiple
> roles (also principal!). Which is exactly what you can do in EJB-land.
> 
I see clear support for multiple roles from this paper. They talk about
roles being Principals and since Subjects can have multiple Principals, any
context based on a Subject implies multiple Principal identities, be they
user aliases or roles.




--
--------------------------------------------------------------
To subscribe:        [EMAIL PROTECTED]
To unsubscribe:      [EMAIL PROTECTED]
Problems?:           [EMAIL PROTECTED]
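The pattern the thread is circling, one authentication step followed by several role Principals being added to the Subject's Principal set, is easy to show in JAAS terms. The following is an added example written for this page; it is not code from the thread, from jBoss, or from the JAAS papers. The RolesLoginModule, the UserPrincipal and RolePrincipal types, the in-memory user store and the "edward" account are all hypothetical, and the code assumes Java 17 or later (records, pattern-matching instanceof).

```java
import java.security.Principal;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;

public class RolesDemo {
    // Two distinct Principal types: the authenticated user, and each role it holds.
    // Keeping them as separate types is what lets a role check ignore user names.
    public record UserPrincipal(String name) implements Principal {
        public String getName() { return name; }
    }
    public record RolePrincipal(String name) implements Principal {
        public String getName() { return name; }
    }

    // Hypothetical LoginModule: one password check in login(), then every role the
    // user holds is added to the Subject's Principal set in commit().
    public static class RolesLoginModule implements LoginModule {
        // Constructed sample user store; a real module would consult a directory or DB.
        private static final Map<String, String> PASSWORDS = Map.of("edward", "s3cret");
        private static final Map<String, List<String>> ROLES =
            Map.of("edward", List.of("FinancialAdvisor", "SalesManager"));

        private Subject subject;
        private CallbackHandler handler;
        private String user;
        private boolean authenticated;
        private final List<Principal> added = new ArrayList<>();

        @Override
        public void initialize(Subject subject, CallbackHandler handler,
                               Map<String, ?> sharedState, Map<String, ?> options) {
            this.subject = subject;
            this.handler = handler;
        }

        @Override
        public boolean login() throws LoginException {
            NameCallback nc = new NameCallback("user: ");
            PasswordCallback pc = new PasswordCallback("password: ", false);
            try {
                handler.handle(new Callback[] { nc, pc });
            } catch (Exception e) {
                throw new LoginException("callback failed: " + e);
            }
            user = nc.getName();
            char[] pw = pc.getPassword();
            String expected = PASSWORDS.get(user);
            // Single authentication step; roles are not consulted here at all.
            authenticated = pw != null && expected != null && expected.equals(new String(pw));
            if (pw != null) Arrays.fill(pw, '\0');   // don't leave the password in memory
            pc.clearPassword();
            if (!authenticated) throw new FailedLoginException("bad credentials");
            return true;
        }

        @Override
        public boolean commit() {
            if (!authenticated) return false;
            added.add(new UserPrincipal(user));
            for (String r : ROLES.getOrDefault(user, List.of())) added.add(new RolePrincipal(r));
            subject.getPrincipals().addAll(added);   // one login, many role Principals
            return true;
        }

        @Override
        public boolean abort() { added.clear(); authenticated = false; return true; }

        @Override
        public boolean logout() { subject.getPrincipals().removeAll(added); added.clear(); return true; }
    }

    // Programmatic Configuration so the example runs without a login.config file.
    static Configuration config() {
        return new Configuration() {
            @Override
            public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                return new AppConfigurationEntry[] { new AppConfigurationEntry(
                    RolesLoginModule.class.getName(),
                    AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, Map.of()) };
            }
        };
    }

    // EJB-style isCallerInRole: look only at RolePrincipals, so a user who happens
    // to be *named* "SalesManager" is not mistaken for someone holding that role.
    static boolean isCallerInRole(Subject s, String role) {
        return s.getPrincipals(RolePrincipal.class).stream().anyMatch(p -> p.getName().equals(role));
    }

    public static void main(String[] args) throws LoginException {
        // Scripted CallbackHandler standing in for an interactive prompt.
        CallbackHandler h = callbacks -> {
            for (Callback c : callbacks) {
                if (c instanceof NameCallback nc) nc.setName("edward");
                else if (c instanceof PasswordCallback pc) pc.setPassword("s3cret".toCharArray());
                else throw new UnsupportedCallbackException(c);
            }
        };
        LoginContext lc = new LoginContext("demo", null, h, config());
        lc.login();                               // authenticates exactly once
        Subject s = lc.getSubject();
        System.out.println("principals: " + s.getPrincipals());
        System.out.println("FinancialAdvisor? " + isCallerInRole(s, "FinancialAdvisor"));
        System.out.println("SalesManager?     " + isCallerInRole(s, "SalesManager"));
        System.out.println("Auditor?          " + isCallerInRole(s, "Auditor"));
        lc.logout();
        System.out.println("after logout: " + s.getPrincipals());
    }
}
```

Compile and run with `javac RolesDemo.java && java RolesDemo`. The point to take from it is the split between login() and commit(): credentials are verified once, and the number of roles the Subject ends up with is entirely a commit-time decision of the LoginModule, which is how a single sign-on can yield both FinancialAdvisor and SalesManager. The check in isCallerInRole filters on Principal type rather than on any Principal's name; a container that compares role names against every Principal in the set, user Principals included, lets an identity whose login name collides with a role name acquire that role.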

