[jboss-dev-forums] [PicketBox Development] - Re: Make JBossPDP an interface to allow easier insertion of custom PDP.
ANIL SALDHANA
do-not-reply at jboss.com
Thu Sep 9 07:24:16 EDT 2010
ANIL SALDHANA [http://community.jboss.org/people/anil.saldhana%40jboss.com] created the discussion
"Re: Make JBossPDP an interface to allow easier insertion of custom PDP."
To view the discussion, visit: http://community.jboss.org/message/560791#560791
--------------------------------------------------------------
I think you should consider writing a separate XACMLAuthorizationModule that makes the decisions based on the information available from the subject, JDK (time/date/ip) etc.
In our case, we use it mainly for Java EE which is RBAC.
You know how to plug in your own authorization module at the security domain level. correct?
I would refrain from changing the EJBXACMLUtil/web...util because they are the core JBoss codebase.
It is best to write your own XACML authz module that uses our XACML api.
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/560791#560791]
Start a new discussion in PicketBox Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2088]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20100909/8d7bd343/attachment.html
More information about the jboss-dev-forums
mailing list