I meant an xml doc and the corresponding xsd which allows for all this blah blah you just wrote here.
-- xxxxxxxxxxxxxxxxxxxxxxxx Scott Stark Chief Technology Officer JBoss Group, LLC xxxxxxxxxxxxxxxxxxxxxxxx
Holger Baxmann wrote:
On Wed, 05 Nov 2003 06:36:33 -0800, Scott M Stark <[EMAIL PROTECTED]> wrote:
Give me an example of this meaningful description of an applied security model
that needs to be mapped into a declarative j2ee security descriptor.
The security of the whole system, where j2ee is only a part of, is less secure than the weakest part. Maybe j2ee-jaas is the strongest here, but only maybe. So you will have either two different mapping systems about party,place,thing - time - role or you are using a standardized kind of security infrastruture.
In both, the j2ee and the other parts of the solution.
So it should be mapped below the j2ee security, in an osi-fied point of view :)
Use java.securityManager.
All j2ee .?ar's sealed into crosscertified CA's certs.
j2ee could inherit the identities from this, at least the one of the server/instance.
It is mostly all about what the 'Identity' mean - in Authorization, Authentification and Auditing - in my example X.509 certs (I know they do not really exist), self signed or CA based.
So my example will be:
Security as a process of working with jboss, using it, audit it - beyound these j2ee marketing stuff in the real world where you have the all-use-the-same-password-user and the i-should tell you the password syndromes, by resting the social engeneering of credentials. Strongest identification, not fakable. Scalable and effortless in usage.
PK based VPN between several JBoss nodes in a cluster - secured.
your turn
bax
------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ JBoss-Development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
