JAAS good for RBAC?

William Z.

I am doing a web app where I will have 4 different user roles and need
to have some sort of role based access control. I have a main admin user
which needs to be able to grant privileges to all the other roles, and
each other role can grant privs to the role less than it. Also, each
role will need to be logged in w/ some type of login system.

I'm wondering if JAAS is good for this or if there is something better
that makes a good implementation.
Dag Sunde

William Z. said:
I am doing a web app where I will have 4 different user roles and need to
have some sort of role based access control. I have a main admin user which
needs to be able to grant privileges to all the other roles, and each
other role can grant privs to the role less than it. Also, each role will
need to be logged in w/ some type of login system.

I'm wondering if JAAS is good for this or if there is something better
that makes a good implementation.

Never really looked into it, but can the "Role" pattern be of use?
http://st-www.cs.uiuc.edu/users/hanmer/PLoP-97/Proceedings/riehle.pdf
Oliver Wong

William Z. said:
I am doing a web app where I will have 4 different user roles and need to
have some sort of role based access control. I have a main admin user which
needs to be able to grant privileges to all the other roles, and each
other role can grant privs to the role less than it. Also, each role will
need to be logged in w/ some type of login system.

I'm wondering if JAAS is good for this or if there is something better
that makes a good implementation.

Never heard of JAAS before your post, but after some quick googling, I
found
http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/tutorials/GeneralAcnAndAzn.html

You assign permissions based on principals, and every user can have
multiple principals associated to them (a given collection of principals
that a user has is called a subject). So a user who is both, for example, an
"Backup Technician" and a "Programmer" would simply have both the "Backup
Technician" principal, and the "Programmer" principal.

By having the "Backup Technician" principal, she'd have access to
scheduling the backup processes, and the backup tapes. By having the
"Programmer" principal, she'd have access to CVS and perhaps the wiki where
documentation is stored. (This is assuming that all of this stuff is controlled
from Java).

- Oliver
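An added sketch of the subject/principal model Oliver describes, combined with the grant rule from the original question (this is my own example, not code from the JAAS tutorial or from either poster). The role names, their ranks and the RolePrincipal class are assumptions; in a real deployment a LoginModule would attach the principals after authentication and the checks would be enforced through JAAS policy or the servlet container rather than by a hand-written method.

```java
import java.security.Principal;
import javax.security.auth.Subject;

// Constructed example: each role is a JAAS Principal carrying a rank so the
// "each role may grant only to roles below it" rule can be checked.
public final class RoleAccessDemo {

    // Hypothetical roles; admin outranks everyone, so "admin grants to all
    // other roles" falls out of the same strictly-lower rule.
    enum Rank {
        ADMIN(3), MANAGER(2), OPERATOR(1), VIEWER(0);
        final int level;
        Rank(int level) { this.level = level; }
    }

    static final class RolePrincipal implements Principal {
        private final Rank rank;
        RolePrincipal(Rank rank) { this.rank = rank; }
        @Override public String getName() { return rank.name(); }
        Rank rank() { return rank; }
        @Override public boolean equals(Object o) {
            return o instanceof RolePrincipal && ((RolePrincipal) o).rank == rank;
        }
        @Override public int hashCode() { return rank.hashCode(); }
    }

    // Build the Subject a LoginModule would produce after a successful login.
    // A user may hold several principals at once, as Oliver points out.
    static Subject subjectWith(Rank... ranks) {
        Subject s = new Subject();
        for (Rank r : ranks) s.getPrincipals().add(new RolePrincipal(r));
        s.setReadOnly();  // no principals can be added or removed after login
        return s;
    }

    static boolean hasRole(Subject s, Rank r) {
        return s.getPrincipals(RolePrincipal.class).contains(new RolePrincipal(r));
    }

    // The grantor's strongest role must strictly outrank the role being granted,
    // so nobody can hand out their own rank or a higher one.
    static boolean canGrant(Subject grantor, Rank target) {
        int best = -1;
        for (RolePrincipal p : grantor.getPrincipals(RolePrincipal.class))
            best = Math.max(best, p.rank().level);
        return best > target.level;
    }

    public static void main(String[] args) {
        Subject admin = subjectWith(Rank.ADMIN);
        Subject ops = subjectWith(Rank.OPERATOR, Rank.VIEWER);  // two principals, one subject
        System.out.println("admin grants MANAGER:  " + canGrant(admin, Rank.MANAGER));
        System.out.println("ops grants VIEWER:     " + canGrant(ops, Rank.VIEWER));
        System.out.println("ops grants OPERATOR:   " + canGrant(ops, Rank.OPERATOR));
        System.out.println("ops has VIEWER:        " + hasRole(ops, Rank.VIEWER));
    }
}
```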