该Subject对象代表了可以访问会话bean的已认证的用户。
This Subject object represents the authenticated user that has access to the session bean.
会话 bean 仅能看到刚才已认证的用户——而不是进入门户系统的用户。
The session beans only see the user that you just authenticated--not the user that is logged into the portal.
相比之下,授权是系统用来决定已通过认证的某个特定用户访问系统控制的安全资源的访问级别的一种机制。
Authorization, by contrast, is the mechanism by which a system determines what level of access a particular authenticated user should have to secured resources controlled by the system.
应用推荐