users@jersey.java.net

[Jersey] Re: user/roles provider for AAA?

From: Kristian Rink <kawazu428_at_googlemail.com>
Date: Thu, 28 Apr 2011 16:38:18 +0200

Am Thu, 28 Apr 2011 07:26:07 -0700 (PDT)
schrieb ljnelson <ljnelson_at_gmail.com>:

> The other thing about JACC is that your Policy ends up being the One
> True Policy for the entire JVM, not just for your web application.
> So you need to write a Policy that wraps another and delegates to it
> as necessary.

Yes, exactly this is what so far pretty much scared me off messing with
java.security.Policy altogether - it seems way too low-level and too
global to actually deal with it. But if this is the only way, I guess
there's not much to choose from... :/

Cheers,
Kristian