Jaas and jsse?

Jakob Praher jpraher@yahoo.de
Fri Mar 19 16:22:00 GMT 2004



Am Fre, den 19.03.2004 schrieb Michael Koch um 08:25:
> Am Freitag, 19. März 2004 08:01 schrieb Fernando Nasser:
> > Thank you all for your responses.
> >
> > I will check out Jessie.
> >
> > Also, having someone else interested in helping implementing jaas is
> > encouraging.  I will look at the classpath list archives.
> 
> In general I would be interested in implementing JAAS too. 
> 
Me too;-). The api on itself is pretty straightforward. 
The problem will be that you need a AccessController and
AccessControlContext implementation first. The Subject class
(javax.security.auth) simply extends the functionality of the
AccessControlContext (like the PrivilegedAction thing). Plus you have to
types of ProtectionDomains: Ones that doesn't specifiy principals and
others which do. Hence you need the SubjectDomainCombiner.

In essence 
Subject.doAs( subj, privilegedAction );
is much like the
AccessController.doPrivileged( privilegedAction );

-- Jakob

> 
> Michael



More information about the Java mailing list