I am trying to use JASS authorization in JBOSS. i.e. grant granular Permissions to Principals within a JASS policy file. I believe the JACC module provides implementation for this however the wiki (http://wiki.jboss.org/wiki/Wiki.jsp?page=JACC) does not sufficiently describe how it is supposed to work. Can anybody provide a thorough example of how to implement JACC for a web application running on JBoss? To be a little more clear, the JAAS Policy shown below uses custom Principal and Permission classes from my application. How can I get the JBoss SecurityManager to load this application specific authorization config? Is JACC even the right direction?? | grant Principal com.ftid.custadmin.security.ClientAdminPrincipal "view_customer" { | com.ftid.custadmin.security.ViewIdPermission "/client/clientView.*"; | }; | grant Principal com.ftid.custadmin.security.ClientAdminPrincipal "view_update_customer" { | permission com.ftid.custadmin.security.ViewIdPermission "/client/clientEdit.*"; | }; | View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4113000#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...