That is correct, a Principal can be the identity of a login as in a userid and a
Principal
can be a role. Both can be associated with a Subject. This is exactly the case in
EJB-land. Is there a specific section of the paper your in disagreement with or think
is contradictary? Let's get the vocabularly clearly defined as it certainly is a
little loosely
used in the papers.
Please do subscribe to mailto:[EMAIL PROTECTED] as I have made
a few comments regarding your proposal that you will want to comment on.
----- Original Message -----
From: "Kenworthy, Edward" <[EMAIL PROTECTED]>
To: "'jBoss'" <[EMAIL PROTECTED]>
Sent: Thursday, December 14, 2000 11:52 PM
Subject: RE: [jBoss-User] Security
> Hi Scott
>
> Uhm I think you're missing the point. The various JAAS papers talk about
> Principal both being a role AND a login. However in EJB-land a single login
> can have many roles, so you can't just bundle the two together.
>
> Edward
>
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Problems?: [EMAIL PROTECTED]
