Hello,
finally I've found out why the JACC is not invoked for the simple servlet demo
application! First problem is that I need to mark the resource in web.xml as
protected (or use delegation to JACC for unprotected resources feature) and the
second is as I think a possible bug in JaccAuthoriza
Nobody? No idea what to do with it?
Thanks for any hint!
Karel
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4207857#4207857
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4207857
"anil.saldh...@jboss.com" wrote :
http://anonsvn.jboss.org/repos/jbossas/branches/Branch_4_2/security/src/main/org/jboss/security/jacc/DelegatingPolicy.java
|
| That is the JACC policy we use.
|
|
| | public PermissionCollection getPermissions(ProtectionDomain domain)
| |{
Hello,
I'm porting our custom JACC provider to JBoss. For access control I've found
that JBoss is using not recommended practice of calling `getPermission' on
policy provider. JACC 1.0 final release specification claims that after this
call container must call `implies' method on the returned Pe
