We know that Jaas includes authentication and authorization, and here's a look at each of the following:
Authentication analysis is as follows:
1) The annotate of the class are as follows
@SecurityDomain ("other")
public class Calculatorbean implements Calculator
This will read the authentication information from the Users.properties:
Kabir=validpassword
2 The JBoss class used is as follows:
Import org.jboss.security.SecurityAssociation;
Import Org.jboss.security.SimplePrincipal;
3) Simpleprincipal is used to set the validation principle:
Securityassociation.setprincipal (New Simpleprincipal ("Kabir"));
4) Securityassociation is used to verify according to the principle:
Securityassociation.setcredential ("Invalidpassword". ToCharArray ());
5) Verification does not pass, will throw exception
Authorization analysis is as follows:
1) The role specified in the method
@MethodPermissions ({"Teacher"})
public int divide(int x, int y)
{
return x / y;
}
2) Setting roles in Roles.properties
Kabir=student
3 Run the right to judge, and prompted:
[Java] Insufficient method permissions, Principal=kabir, Interface=org.jboss.ejb3.ejbcontainerinvocation, Requiredr
Oles=[teacher], Principalroles=[student]