Describe authorization with JAAS.

JAAS authorization extends the existing Java security architecture, which specifies what access rights are granted to code. In that architecture, the granted permissions are based on the characteristics of the code, such as where the code comes from, whether it is digitally signed, and by whom.
JAAS Authorization:
1. JAAS authorization is built on top of JAAS authentication. It augments the existing code-centric access controls with new user-centric access controls.
2. After a user has been authenticated by JAAS, the authorization API associates the Subject with an appropriate access control context.
3. Whenever the Subject attempts a restricted operation, the Java runtime consults the policy file to determine which Principal(s) may perform the operation.
4. If the Subject in question contains the designated Principal, the Java runtime allows the operation. Otherwise, it throws an exception.
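
The four steps above as an added example (not code from the original page): a constructed policy grants a property read only to a hypothetical `RolePrincipal` named `auditor`, and `Subject.doAsPrivileged` associates the Subject with the access control context. The class names, policy file name and role names are assumptions, and it needs a JDK on which the Security Manager can still be enabled (it is deprecated for removal since Java 17).

```java
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.Collections;
import javax.security.auth.Subject;

/*
 * Constructed policy file (jaas-demo.policy, hypothetical name):
 *
 *   grant {
 *       permission javax.security.auth.AuthPermission "doAsPrivileged";
 *   };
 *   grant Principal RolePrincipal "auditor" {
 *       permission java.util.PropertyPermission "user.home", "read";
 *   };
 *
 * Run: java -Djava.security.manager -Djava.security.policy=jaas-demo.policy JaasAuthzDemo
 */
public class JaasAuthzDemo {
    // Stand-in for a Subject produced by LoginContext.login(); built directly
    // here so the example needs no LoginModule configuration (assumption).
    static Subject subjectWith(String role) {
        return new Subject(true, Collections.singleton(new RolePrincipal(role)),
                Collections.emptySet(), Collections.emptySet());
    }

    // Attempts the restricted operation as the given Subject. The runtime checks
    // the policy: only a Subject holding RolePrincipal "auditor" is allowed.
    static String readHomeAs(Subject subject) {
        try {
            return Subject.doAsPrivileged(subject,
                    (PrivilegedAction<String>) () -> System.getProperty("user.home"), null);
        } catch (SecurityException e) { // AccessControlException is a SecurityException
            return "denied: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        System.out.println("auditor -> " + readHomeAs(subjectWith("auditor")));
        System.out.println("guest   -> " + readHomeAs(subjectWith("guest")));
    }
}

// Hypothetical Principal type; the policy file refers to it by class name.
final class RolePrincipal implements Principal {
    private final String name;
    RolePrincipal(String name) { this.name = name; }
    @Override public String getName() { return name; }
    @Override public boolean equals(Object o) {
        return o instanceof RolePrincipal && ((RolePrincipal) o).name.equals(name);
    }
    @Override public int hashCode() { return name.hashCode(); }
}
```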