Version 2

    Support for Java Authorization Contract for Containers (JACC) - JSR-115 - has been added to AS7.

     

    Common Configuration

    To add JACC authorization for an application, configure the security domain to used to include the JACC policy module as the authorization module. Here is an example:

     

    <security-domain name="jacc" cache-type="default">
        <authentication>
            <login-module code="UsersRoles" flag="required">
            </login-module>
        </authentication>
        <authorization>
            <policy-module code="JACC" flag="required"/>
        </authorization>
    </security-domain>
    

     

    Web Configuration

    One additional step is required to enable JACC for web applications. Add the <use-jboss-authorization> element in WEB-INF/jboss-web.xml. Here is an example:

     

    <jboss-web>
        <security-domain>jacc</security-domain>
        <use-jboss-authorization>true</use-jboss-authorization>
    </jboss-web>
    

     

    EJB Configuration

    TBD

     

     

    Section for Contributors to JBoss AS Codebase

    Web Subsystem

     

    The permissions are added to JACC PolicyConfiguration in the org.jboss.web.security.WarJaccService class.  The input will be the WarMetadata.  The JACC context id is the full name of the war application - something like "myapplication.war".