Re: Integrating J2EE and JAAS

Sat, 19 Feb 2000 14:11:01 -0800 

> When we designed and developed JAAS it was on a 1.2 JVM, then we hit a
> snag and had to add an API thus it could not be aded to JDK 1.2 so then
> it cam dependant on 1.3.
>
> All of our 1.2.x JVMs will ship with JAAS as we do have a 1.2 version
> (fixed the problem)

Does that mean I can load a new version of JAAS and use it with 1.2?
Where do I get it from?

How about releasing the JAAS implementation under an open source
license?


> Agree, we started with some platform Principals and credentials so now
> its time to move on. We do have a J2EE Principal definition that we are
> taking forward so that may help

Will you care to look at my code base. I can send you something Monday
(from my office PC) that deals with Servlet/EJB and also LDAP and X509
login modules.


> I gather you will be doing a Subject.doas() where both the identity swap
> and the dispatch is done. Why would you want to do both, why not let
> container code do the dispatch ?

Actually, I'm not doX-MoX-Mozilla-Status: 0009ace in J2EE for a doAs().
By definition of the current Servlet spec (2.3) and EJB (1.1) all
application code is premission-less. The container itself runs in a
different code base, and has all the permissions in the world.

I am using doAs() in the resource managers (JDBC, JMS, WebDAV) to get a
permission, but since the resource managers are not J2EE specific, I use
the PrivilegedAction mechanism of 1.2.

Although the 1.3 AccessControl mechanism is useful and developed
friendly, I couldn't just any place where I really need it, and I must
assure all my code is 1.2 compatible for at least the next year.

(In Tomcat we're breaking the code into the 1.1 portion and the 1.2
portion. Apparently a lot of people are using 1.1 at the moment, mostly
the IBM one :-) )

arkin

>
> Thanks,
> Anthony Nadalin
> _______________________________
>
> mailto:[EMAIL PROTECTED]
>
> ===========================================================================
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff EJB-INTEREST".  For general help, send email to
> [EMAIL PROTECTED] and include in the body of the message "help".

===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST".  For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".

Reply via email to