[jboss-dev-forums] [Design of Security on JBoss] - Re: SecurityContext
scott.stark@jboss.org
do-not-reply at jboss.com
Tue Dec 5 14:21:05 EST 2006
"anil.saldhana at jboss.com" wrote :
| anonymous wrote : I'm not seeing how the run-as identity and roles fits into the SecurityContext. How does it?
| RunAsIdentity is not applicable to every JEMS project. It is more of an JEE aspect. Both RAI and Roles will be keyed in the context map inside SC implementation.
|
Forget about the specific RunAsIdentity notion. This should be a subset of a general trust configuration where there is an assertion that the caller is X with proof of identity Y. The javaee run-as notion has X=some-role with Y=the-ability-to-deploy-a-component-with-a-run-as-tag.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3991426#3991426
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3991426
More information about the jboss-dev-forums
mailing list