[jboss-dev-forums] [Design of Security on JBoss] - JBoss 4.2 related discussion
anil.saldhana@jboss.com
do-not-reply at jboss.com
Fri Feb 16 16:31:30 EST 2007
Topic: Support deployment level principal-role mapping via jboss.xml.
If there is deployment level principal-role mapping done by the user, we should be able to take this into account during authorization decisions.
Here is an example of this mapping:
| <jboss>
| <assembly-descriptor>
| <security-role>
| <role-name>Administrator</role-name>
| <principal-name>j2ee</principal-name>
| </security-role>
| <security-role>
| <role-name>Employee</role-name>
| <principal-name>javajoe</principal-name>
| <principal-name>j2ee</principal-name>
| </security-role>
| </assembly-descriptor>
| </jboss>
|
This info is available in the metadata and can be obtained in the JBossSX layer.
The previous approach of "DeploymentRolesLoginModule" was unaccepted.
http://www.mail-archive.com/jboss-development@lists.sourceforge.net/msg65476.html
Any ideas about solving this properly?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4017903#4017903
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4017903
More information about the jboss-dev-forums
mailing list