2 Replies Latest reply on Apr 12, 2011 9:02 AM by ricardoalonso

Load authorization policies dinamically

ricardoalonso Apr 8, 2011 5:12 PM

Hello everyone,

I'm trying to find a way to load the authorization policies for a user as soon as he/she log in. I don't want to change the actual JBoss mechanism of authorization. I was searching in the source an extension point, where plugin another component to load the roles JACC format as soon as the user logs in, but I could't find.

Anyone knows if there is an extension point, to plug in another source of policies and rules?

Thanks

Ricardo

1. Load authorization policies dinamically

wolfgangknauf Apr 12, 2011 8:41 AM (in response to ricardoalonso)

Hi Ricardo,

the default JBoss security mechanism should already dynamically load the roles of a user when she logs in. Take a look e.g. at the "DatabaseServerLoginModule": http://community.jboss.org/wiki/DatabaseServerLoginModule
There are a lot of other login modules available, and you can also create your own.

Hope that I understand your request ;-)

Best regards

Wolfgang
Actions
2. Load authorization policies dinamically

ricardoalonso Apr 12, 2011 9:02 AM (in response to wolfgangknauf)

Hi Wolfgang,

Thanks for your answer, but I need to use the JACC method to authorize the users, because the JAAS authorization method is not flexible as JACC. The JACC (http://java.sun.com/j2ee/javaacc/) uses another level of authority, so we can customize better our policies, forming groups of permissions.

I'm exploring the JBoss source code and looking a way to load it like the JAAS, as you describe. If you have another idea, please let me know.. ;-)

Regards

Ricardo
Actions

Go to original post