Discussions

News: Java Authorization Contract for Containers PDF2 Released

  1. Proposed final draft 2 of the Java Authorization Contract for Containers (JACC) has been released for public review. JACC defines new classes and contracts for J2EE containers that will allow developers to use the standard security infrastructure provided by J2EE but have the providers of the security be transparently pluggable into their J2EE 1.4 appserver.

    Check out JavaTM Authorization Contract For Containers.

    How do you forsee JACC functionality (standardized in J2EE 1.4) impacting your upcoming software projects?
  2. Application servers like JBoss and Websphere provide JAAS integration with the EJB Containers, which allows you to provide your own pluggable security providers.

    How is the JACC proposal related to this method?
  3. If I remember it correctly, only the authentication part of JAAS is supported by 1.3. If anybody provides more, it's app vendor specific.
    This seems to deal with the authorization side of the thing.
  4. Does anyone know of vendors which plan to comply with this specificaion?