On 22 Okt, Till: [EMAIL PROTECTED] wrote: > On 21 Okt, Scott M Stark wrote: >> I plan on doing an extension of JBossSX + JCA based on applicable >> standards to provide a uniform security service for all JBoss services. > > Thats great. But is this "plan as in will be done spring 2002" or as in > "plan I am alreaddy working on it". I need to sort of get my stuff up an > woring this year, and personally it would be great to know at least the > direction you are working in.
Ok, I have read the Connector spec so many times, but never the JAAS appendix. It's all there (well almost all) except from (what I guess) that the Subject (principal mapping) done that way will not be accessable by the calling client. Is there any support today in JBosscx to use the Subject from the calling security domain? //Peter > > //Peter >> >> ----- Original Message ----- >> From: <[EMAIL PROTECTED]> >> To: <[EMAIL PROTECTED]> >> Sent: Sunday, October 21, 2001 12:29 PM >> Subject: Re: [JBoss-dev] User API; was Tomcat security/LdapLoginModule >> >> >>> At a first architectual level, this would mean that to be able to >>> autenticate as the the current user, each such system must have added a >>> LoginModule to the auth chain for that particular security domain, and >>> that the LoginModule works in cooperation with the API/adapter giving >>> access to the resource data, probably by using some sort of >>> encryption/ticket granting mechanism internally known only the the parts >>> handling the resource. >>> >>> This could probably be made pretty generic for JCA stuff (JBoss would >>> have to handle both the LoginModule and the encrytion/decryption of >>> credentials. For LDAP it would not be that hard either, I think. >>> >>> Or is it better to wait for SUN to make a stand on this things (and they >>> will eventually!)? Should we only implement stuff that is standardized >>> for the container? >>> >>> Well, just my 2c. >>> >>> //Peter >>> >> >> >> >> _______________________________________________ >> Jboss-development mailing list >> [EMAIL PROTECTED] >> https://lists.sourceforge.net/lists/listinfo/jboss-development > -- Jobba hos oss: http://www.tim.se/weblab ------------------------------------------------------------ Peter Antman Technology in Media, Box 34105 100 26 Stockholm Systems Architect WWW: http://www.tim.se Email: [EMAIL PROTECTED] WWW: http://www.backsource.org Phone: +46-(0)8-506 381 11 Mobile: 070-675 3942 ------------------------------------------------------------ _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
