JASPISecurityManagerService based on JSR196 ------------------------------------------- Key: JBAS-2623 URL: http://jira.jboss.com/jira/browse/JBAS-2623 Project: JBoss Application Server Issue Type: Task Security Level: Public(Everyone can see) Reporter: Anil Saldhana Assigned To: Anil Saldhana Fix For: JBossAS-5.0.0.Beta2 Implement the following: a) JASPISecurityManager is a standalone implementation class that implements the interface called "GeneralizedAuthenticationManager" (which is ServerAuthContext and AuthenticationManager interfaces). The way an implementation gets access to this through the AuthContextFactory mechanism. This is MC friendly. b) Since the JASPISecurityManager is a POJO friendly implementation, we are going to bring in a JMX wrapper called "JASPISecurityManagerService" (Actually can really use JaasSecurityManagerService, but lets retire him). Now since the wrapper binds the JASPISecurityManager to JNDI, there is no reason to go the AuthContextFactory way, for any service that needs authentication. Just look up the JNDI to get the securitymanager. This is what the JBossSecurityMgrRealm and the security interceptors will do. The above two take care of the generalized authentication mechanism.