1 Reply Latest reply on Oct 18, 2002 11:21 PM by Juha Lindfors

    Roles versus Principals/Subjects

    Ian Wehrman Newbie

      Hello all,
      i am wondering if someone can help me understand the relationship between roles in j2ee and Principals and Subjects in jaas. i believe i understand how Subjects and Principals relate to each other, how they are created and returned from a LoginContext, and how they can then be used to execute privileged actions (with doAs). however, i'd like to be able to give "users" in a system application-specific permissions based on their role. Is there a way to bind permissions to a specific Principal or Subject at runtime? How do Principals and Subjects relate to the containers' notion of roles? i've tried to read all the documentation i can find, so if anyone has a link that explains this i would be appreciative. also if this is better suited to the security forum, i'm happy to repost. thanks!