How can one put an authorization check inside the JBoss server? I.E. (pseudo-code)
Subject.doAs( JaasSecurityManager.getActiveSubject(),
new PrivilegedAction() {
public Object run() {
SecurityManager.checkPermission(
new Permission(...) );
} } );
Additionally, How can I create my policies and incorporate them into JBoss? I.E. a DB-persisted policy?
When I extend javax.security.auth.Policy and use either:
javax.security.auth.Policy.setPolicy(MyPolicy)
set
auth.policy.provider=MyPolicy
My permission checks do not work...