i was trying to include application defined permissions in the jacc context so custom authorization can be done on top of the role based j2ee checks when needed. ie, so methods can use:
AccessController.checkPermission(new MyPermission("name", "read"));
the simplest way seems to be to inject them into the policy configuration on app startup
PolicyConfiguration config = PolicyConfigurationFactory.getPolicyConfigurationFactory().getPolicyConfiguration("myapp/mymodule", false);
config.addToRole(group, mypermissions);
config.commit();
But the implementation tries to delete and write the policy file for the app on commit, so i get a security error, but i also don't want to change this file.
I played around with extending PolicyConfigurationFactoryImpl, PolicyConfigurationImpl, PolicyWrapper, to try to get the behaviour i want of just adding in some extra permissions at runtime, but didn't come up with a good way.
Is there a better way?
[Message sent by forum member 'sje']
http://forums.java.net/jive/thread.jspa?messageID=478502