[jboss-jira] [JBoss JIRA] Closed: (JBAS-2602) Next Generation Security Manager Service

Anil Saldhana (JIRA) jira-events at lists.jboss.org
Mon Feb 9 00:34:55 EST 2009 

     [ https://jira.jboss.org/jira/browse/JBAS-2602?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Anil Saldhana closed JBAS-2602.
-------------------------------

    Resolution: Done


> Next Generation Security Manager Service
> ----------------------------------------
>
>                 Key: JBAS-2602
>                 URL: https://jira.jboss.org/jira/browse/JBAS-2602
>             Project: JBoss Application Server
>          Issue Type: Task
>      Security Level: Public(Everyone can see) 
>          Components: Security
>    Affects Versions: JBossAS-5.0.0.CR2
>            Reporter: Anil Saldhana
>            Assignee: Anil Saldhana
>             Fix For: JBossAS-5.1.0.Beta1
>
>
> The current JaasSecurityManagerService is based on Jaas. 
> A new securitymanager service needs to be implemented that considers authentication, authorization and caching along with support for federation.  The identity holder should be a custom holder that removes the inflexibility provided by javax.security.auth.Subject, while considering various tokens as Principals (used in federation).
> Currently,
>         JaasSecurityManager implements AuthenticationManager, RealmMapping
> The new security service can be
>        JBossSecurityManager implements AuthenticationManager, RealmMapping
> Forum References:
> Generalizing the JAAS and JACC service: http://www.jboss.com/index.html?module=bb&op=viewtopic&t=72264
> Flush security domain cache on sessionInvalidation : http://www.jboss.com/index.html?module=bb&op=viewtopic&t=73025
> Generic JBossWeb Authentication Framework : http://www.jboss.com/index.html?module=bb&op=viewtopic&t=73020
> Federated Identity : http://www.jboss.com/index.html?module=bb&op=viewtopic&t=72633

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list