See: Description
| Class | Description |
|---|---|
| JaccEJBConstraintsTranslator |
This class is used for translating security constrains from
ejb-jar.xml and corresponding
annotations into JACC permissions, and writing this to the pluggable PolicyConfiguration (which is
EE standard permission repository). |
| JaccWebAuthorizationManager |
This class is the entry point for authorization decisions in the web container.
|
| JaccWebConstraintsTranslator |
This class is used for translating security constrains from
web.xml and corresponding
annotations into JACC permissions, and writing this to the pluggable PolicyConfiguration (which is
EE standard permission repository). |
JACC is the EE standard for taking care of the authorization aspects of security.
Code in this package translates constraints from the web and EJB descriptors that are pre-parsed by Payara into various JACC Permission instances. These instances are stored into a pluggable PolicyConfiguration. By default Payara is configured to use the one from "jacc.provider.file". This package also contains the web authorization manager, which is the entry point for all authorization decisions from the web layer. This too is delegated to a pluggable component called the JACC Policy Provider.
The pluggable JACC components are loaded by a class in nucleus:
PolicyLoader
Copyright © 2019. All rights reserved.