[jboss-jira] [JBoss JIRA] Closed: (EJBTHREE-759) Jacc layer should use the roles from the JBoss Security Manager
Anil Saldhana (JIRA)
jira-events at jboss.com
Tue Oct 24 13:19:41 EDT 2006
[ http://jira.jboss.com/jira/browse/EJBTHREE-759?page=all ]
Anil Saldhana closed EJBTHREE-759.
----------------------------------
Resolution: Done
> Jacc layer should use the roles from the JBoss Security Manager
> ---------------------------------------------------------------
>
> Key: EJBTHREE-759
> URL: http://jira.jboss.com/jira/browse/EJBTHREE-759
> Project: EJB 3.0
> Issue Type: Feature Request
> Components: Security
> Affects Versions: EJB 3.0 RC9 - FD
> Reporter: Anil Saldhana
> Assigned To: Anil Saldhana
> Fix For: EJB 3.0 RC10 - FD
>
>
> The Jacc Helper uses the principals stored in the subject for doing perm checks.
> There can be a need to perform role mapping on the roles. It is necessary to pick the roles from the JBoss Security Manager.
> We can use RealmMapping.getUserRoles to maintain compatibility with the 4.0.x series.
> In HEAD, ReamMapping calls internally the AuthorizationManager which will do role mapping (if user wishes) before providing the current roles. In 4.0.x, RealmMapping.getUserRoles anyway gets the roles from the authenticated subject.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list