|
What are JAAS permissions?Permissions are the core part of authorization. Access to resources is controlled by permissions. JAAS permissions are built on top of Java security model. The security model of JAAS is best fit to control the access to resources like sockets and files.
What are JAAS permissions?1. Permissions control access to resources.
2. The JAAS permissions are built on top of the existing Java security model.
3. This model is very good for controlling access to resources like sockets and files, but has no concept of URLs.
4. Thus, to apply JAAS to a web application, a new permission class must be created which can be done in 2 ways:
a. Extending java.security.BasicPermission is one option. Using this would tie permissions to literal URLs.
b. Creating a URLPermission class extended the java.security.Permission class and handled wild cards in a manner similar to the java.io.FilePermission class.
|
