This week's book giveaway is in the Open Source Projects forum.
We're giving away four copies of Spark in Action and have Jean-Georges Perrin on-line!
See this thread for details.
Win a copy of Spark in Action this week in the Open Source Projects forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Carey Brown

Access Control List, ACL's, Websphere

 
Ranch Hand
Posts: 427
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am building a web application for Websphere 4.0.x
I need a general purpose Access Control List (ACL) solution.
Does IBM provide an ACL API?
Does Webpshere have an ACL API?
Do you use ACL's? What API do you use?
---
Access Control Lists (ACL)
ACL API's, ACL implementations
http://jakarta.apache.org/turbine/fulcrum/apidocs/org/apache/fulcrum/security/entity/package-summary.html
http://jakarta.apache.org/turbine/fulcrum/apidocs/org/apache/fulcrum/security/util/package-summary.html
http://www.opensymphony.com/osuser/
http://www.opensymphony.com/osaccess/
Access control list package: java.security.acl
Classes:
javax.security.auth.Subject
java.security.Principal
java.security.acl.Owner
java.security.acl.Acl
java.security.acl.AclEntry
java.security.acl.Group

BEA WebLogic Server:
http://edocs.bea.com/wls/docs81/secmanage/index.html
BEA writes {{ "In WebLogic Server 6.x, access control lists (ACLs) and permissions were used to protect WebLogic resources. In this release of WebLogic Server, security policies replace ACLs and permissions. Security policies answer the question "who has access" to a WebLogic resource. A security policy is created when you define an association between a WebLogic resource and a user, group, or security role. You can also optionally associate a time constraint with a security policy. A WebLogic resource has no protection until you assign it a security policy.
Creating security policies is a multi-step process with many options. To fully understand this process, read Securing WebLogic Resources. This document should be used in conjunction with Managing WebLogic Security to ensure security is completely configured for a WebLogic Server deployment. }}
 
Sean Sullivan
Ranch Hand
Posts: 427
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
My company uses the IBM Websphere Application Server.
Based upon what I've read at ibm.com, IBM recommends using
a product called "IBM Tivoli Access Manager for e-business"
This product handles authentication and authorization requests.
The product seems to integrate with Websphere and uses Java 2's
security "Permission" classes and JAAS.
I'm not sure if we want to use Tivoli Access Manager. What are some other alternatives?
 
Our first order of business must be this tiny ad:
Thread Boost feature
https://coderanch.com/t/674455/Thread-Boost-feature
    Bookmark Topic Watch Topic
  • New Topic