Taking advantage of more JACC features.
利用更多的jacc特性。
We will discuss JACC later in more detail.
我们稍后将对JACC进行更为详细的讨论。
That is basically the function of a JACC provider.
这本质上是JACC提供程序的功能。
See the JACC API Specification for more information on JACC.
有关JACC的更多信息,请参见JACCAPI规范。
JACC enables authorization decisions based on these permission classes.
JACC允许根据这些permission类进行授权决策。
Configurable flexible login modules, including support for JACC and JAAS.
可配置的灵活登录模块,包括对JACC和JAAS的支持。
Each JACC implementation incorporates some idea of how to map users to roles.
每个JACC实现对于如何将用户映射到角色都有具体的想法。
JACC provides good support for implementing the standard J2EE security model.
JACC为实现标准J2EE安全模型提供了良好的支持。
Let us now consider the range of security requirements that JACC might fulfill.
下面让我们看看JACC可能能够满足的一系列安全需求。
There might be performance implications in using the JACC method parameter-based access.
在使用JACC基于方法参数的访问时可能会存在性能影响。
Any JACC provider must satisfy the authorization requirements for all the applications in a cell.
任何JACC提供程序都必须满足计算单元内的所有应用程序的授权要求。
However, the JACC provider is not limited by the static nature of the standard J2EE security model.
不过,JACC提供程序并不仅限于标准J2EE安全模型的静态特性。
There are also other areas in which Geronimo's JACC implementation could use a little more attention.
还存在其他一些领域,Geronimo的JACC实现能够引起一些关注。
The JACC provider is obliged to provide a concrete Policy sub-class, which implements the implies method.
JACC提供程序必须提供实现implies方法的具体Policy子类。
User management Container managed, JACC-based user management, administered via console; LDAP realm supported.
用户管理容器管理的基于JACC的用户管理,通过控制台进行管理;支持LDAP领域。
JACC provides the ability to delegate the permissions checking of security authorization to an external provider.
JACC提供了将安全授权的权限检查委托给外部提供程序的功能。
The JACC provider has the autonomy and information necessary to also make dynamic, run time-based access decisions.
JACC 提供程序还具有进行动态的基于运行时的访问决策所必需的自主性和信息。
Let us now consider some caveats in the consideration of JACC, relating to performance and implementation complexity.
现在,让我们了解一下在考虑JACC时需要注意的一些与性能及实现复杂性相关的事项。
These both provide flexible user and permission administration that I think can easily be adapted to be a JACC provider.
这二者都提供灵活的用户和权限管理,我认为可以轻松地将其修改成为JACC提供程序。
Implementation of a JACC provider that extends the J2EE security model is a complex task and should not be undertaken lightly.
实现扩展J2EE安全模型的JACC提供程序是一项复杂的任务,不应轻视。
For example, WebSphere Application Server supports all of the policy context handlers that are required by the JACC specification.
例如,WebSphereApplicationServer支持JACC规范所要求的所有策略上下文处理程序。
Complications do arise, however, due to the fact that the JACC specification doesn't talk very much about how to map users to roles.
尽管如此,还是出现了一些并发症,这是因为:JACC规范对于如何将用户映射到角色这一点规定得不多。
Let us consider how this maps to standard J2EE security, and then to JACC usage before we look at the trade-offs that come with JACC.
在讨论JACC带来的利弊前,让我们考虑如何将这种关系映射到标准J2EE安全性以及JACC使用。
As mentioned earlier, the JACC provider has access to this information and is fully able to support externalizing these access decisions.
正如前面所提到的,JACC提供程序可访问此信息,并全面支持这些访问决策的外部化。
JACC provides uniform access to request parameters so a JACC provider can use parameters (but not results) in the permission decision process.
JACC提供对请求参数的统一访问,因而JACC提供程序可在权限决定过程中使用参数(而不是结果)。
When a product provides both JACC and proprietary API-based solutions, it is important to understand the capabilities available in each model.
当产品同时提供JACC和基于专用API的解决方案时,务必了解每个模型中可用的功能。
JACC specifies how an application server and a security provider can talk to each other to determine whether a particular request should be fulfilled.
JACC指定了应用服务器和安全提供程序如何相互交流以决定是否实现某个特定请求。
On the other hand, JACC does not supply support for performing non-standard permission checking, as would be required in extending the J2EE security model.
另一方面,JACC并未提供对执行非标准权限检查的支持,而扩展J2EE安全模型又将需要这种支持。
Basically, we have a fairly straightforward JACC provider that lets you map arbitrary (simple) principals to arbitrary roles, but it doesn't use any information in the request.
基本来讲,我们有相当直观的JACC提供程序,允许您将任意(简单的)主体映射到任意角色,但它不在请求中使用任何信息。
The job of the JACC provider is to take the information in the subject, possibly combine it with information from the request, and decide whether the request has permissions to do stuff.
JACC 提供程序的工作就是,获取主题中的信息,可能将其与请求的信息合并,并决定该请求是否有权限进行相关操作。
应用推荐