Uploaded image for project: 'Application Server 3  4  5 and 6'
  1. Application Server 3 4 5 and 6
  2. JBAS-3304

Adapt PolicyConfig to incorporate AuthorizationInfo

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Major Major
    • JBossAS-5.0.0.Beta1
    • JBossAS-5.0.0.Beta1
    • Security
    • None

      Currently the PolicyConfig is tied to the authentication info (JAAS and/or JASPI). Since we would like to define authorization policies as part of the global policy config, we need to adapt the existing Policy Config infrastructure to incorporate authorization info.

      Here is an example:
      ========================================================================
      <!-- Tests both authentication and authorization config -->
      <application-policy name="TestAuthorization">
      <authentication-jaspi>
      <login-module-stack name="lm-stack">
      <login-module
      code="org.jboss.security.auth.spi.UsersRolesLoginModule"
      flag="required">
      <module-option name="usersProperties">props/jbossws-users.properties</module-option>
      <module-option name="rolesProperties">props/jbossws-roles.properties</module-option>
      <module-option name="unauthenticatedIdentity">anonymous</module-option>
      </login-module>
      </login-module-stack>
      <auth-module code="auth.module1.class.name">
      <module-option name="usersProperties">props/jbossws-users.properties</module-option>
      <module-option name="rolesProperties">props/jbossws-roles.properties</module-option>
      <module-option name="unauthenticatedIdentity">anonymous</module-option>
      </auth-module>

      <auth-module code="auth.module2.class.name" login-module-stack-ref="lm-stack"/>
      </authentication-jaspi>

      <authorization>
      <policy-module code="policy.module1.class.name"
      flag="required">
      <module-option name="usersProperties">props/jbossws-users.properties</module-option>
      <module-option name="rolesProperties">props/jbossws-roles.properties</module-option>
      <module-option name="unauthenticatedIdentity">anonymous</module-option>
      </policy-module>
      </authorization>
      </application-policy>
      ========================================================================

              anil.saldhana Anil Saldanha (Inactive)
              anil.saldhana Anil Saldanha (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: