[jboss-dev-forums] [Design of Security on JBoss] - Re: JBoss 4.2 related discussion
anil.saldhana@jboss.com
do-not-reply at jboss.com
Fri Feb 16 23:20:16 EST 2007
"scott.stark at jboss.org" wrote : We just need to support the introduction of static roles. Where authentication is done to obtain a Subject, a post authentication interceptor can be added to optionally associated deployment level roles + mappings. This interceptor would have to be in between the authentication and authorization interceptors.
|
| In the web container, the construction of the JBossGenericPrincipal roles needs to consult the deployment metadata.
|
That made perfect sense. Thanks Scott.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4018057#4018057
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4018057
More information about the jboss-dev-forums
mailing list