[jboss-dev-forums] [Design of Security on JBoss] - Policy Implementation for VFS
anil.saldhana@jboss.com
do-not-reply at jboss.com
Mon Oct 6 16:35:50 EDT 2008
Adrian, you wanted to apply Java security permission checks to vfs deployments (deploy, undeploy etc).
Some possibilities are:
1) Use the current JACC policy implementation that is keyed in by a context id (which is essentially a string). So you can create a contextid that is the vfs url and create custom permissions that denote the controls that you want to apply.
2) We will need to extend the current DelegatingPolicy implementation (which is the JACC policy provider) to utilize VFS policy in addition to jacc.
Option 1 is the easiest. It has to be ensured that once the policy configuration is filled with permissions, a pc.commit needs to be called to make the policy get into action.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4180663#4180663
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4180663
More information about the jboss-dev-forums
mailing list