[Jersey] Re: user/roles provider for AAA?

From: Kristian Rink <>
Date: Thu, 28 Apr 2011 16:09:16 +0200

Hi Laird;

and thanks very much for your thoughts on that... :

Am Thu, 28 Apr 2011 06:29:06 -0700 (PDT)
schrieb ljnelson <>:
> The "proper" way to do it is to set up a JACC provider. It is a
> woefully underdocumented pain in the neck, but that's the facility
> that the Java EE stack provides to bind a @RolesAllowed check to a
>, which can serve as the front end to your
> obscure glue code.

Aaah. Looking at our earlier trips to JAAS / JACC world, I already
feared it would boil down to doing this kind and amount of work. Oh
well... :)

> Start the whole JACC mess with implementing a
> You'll want to override the implies() method. Once you've got that,
> then start reading about JACC.

I'll have a look at it and see how far I get, following this road.
Hope I'll not end up learning that implementing a custom apache2
authentication module is the more sane thing to do... ;)

Thanks anyway for your help, all the best.