I noticed in other posts that you (Anil) are looking into, or already created, an XACML JACC provider. I'm doing something similar.
Suppose I have an XACML policy that specifies "/index.jsp" as the protected resource (target). I have no need for the security constraints in the deployment descriptor. I won't enforce them as I only enforce the XACML policies. But, when someone brings up index.jsp, and no security constraint exists in the deployment descriptor, the JACC provider doesn't even get called. I'm not able to even evaluate the policy to grant or deny access. To work around this I place a security constraint on all web resources that allows all access. Then JBoss calls JACC on all web accesses and I'm able to evaluate the XACML policy and grant or deny access. WebSphere will call the JACC provider regardless of the security constraints in the deployment descriptor. This is the behavior I expected from JBoss.

View the original post: http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3937837#3937837
