Uploaded image for project: 'EJB 3.0'
  1. EJB 3.0
  2. EJBTHREE-759

Jacc layer should use the roles from the JBoss Security Manager

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Major Major
    • AS 4.2.0 GA
    • EJB 3.0 RC9 - FD
    • Security
    • None
    • Medium

      The Jacc Helper uses the principals stored in the subject for doing perm checks.

      There can be a need to perform role mapping on the roles. It is necessary to pick the roles from the JBoss Security Manager.

      We can use RealmMapping.getUserRoles to maintain compatibility with the 4.0.x series.

      In HEAD, ReamMapping calls internally the AuthorizationManager which will do role mapping (if user wishes) before providing the current roles. In 4.0.x, RealmMapping.getUserRoles anyway gets the roles from the authenticated subject.

              anil.saldhana Anil Saldanha (Inactive)
              anil.saldhana Anil Saldanha (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: