[jboss-jira] [JBoss JIRA] Created: (EJBTHREE-759) Jacc layer should use the roles from the JBoss Security Manager
Anil Saldhana (JIRA)
jira-events at jboss.com
Tue Oct 24 12:38:41 EDT 2006
Jacc layer should use the roles from the JBoss Security Manager
---------------------------------------------------------------
Key: EJBTHREE-759
URL: http://jira.jboss.com/jira/browse/EJBTHREE-759
Project: EJB 3.0
Issue Type: Feature Request
Components: Security
Affects Versions: EJB 3.0 RC9 - FD
Reporter: Anil Saldhana
Assigned To: Anil Saldhana
Fix For: EJB 3.0 RC10 - FD
The Jacc Helper uses the principals stored in the subject for doing perm checks.
There can be a need to perform role mapping on the roles. It is necessary to pick the roles from the JBoss Security Manager.
We can use RealmMapping.getUserRoles to maintain compatibility with the 4.0.x series.
In HEAD, ReamMapping calls internally the AuthorizationManager which will do role mapping (if user wishes) before providing the current roles. In 4.0.x, RealmMapping.getUserRoles anyway gets the roles from the authenticated subject.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list