From: Charlie.Lai@eng.sun.com (Charlie Lai)
Message-Id: <199903152338.PAA07963@angeles.eng.sun.com>
Subject: Re: Information on ACL
To: rcabon@atos-group.com (Ronan Cabon)
Date: Mon, 15 Mar 1999 15:38:32 -0800 (PST)
In-Reply-To: <000701be6c70$9f36fab0$3d040237@bartok> from "Ronan Cabon" at Mar 12, 99 11:10:54 am
hi,
> And secondly is it the right choice for me to =
> use the ACL Java classes implementation or would it be better to use new =
> security features from the JDK 1.2 as the SecurityController?
actually, if it's possible, instead of using the ACL classes,
we prefer you to implement your own
permissions (based on java.security.Permission or
java.security.BasicPermission) and then piggyback off the
existing access control architecture implemented by
java.lang.SecurityManager. that way you can also use
the existing access control policy as well.
some tutorials which might help you get started
(and determine if this is feasible) are located at:
http://java.sun.com/docs/books/tutorial/security1.2/index.html
of particular interest would be the trail which teaches you how
to implement your own permission:
http://java.sun.com/docs/books/tutorial/security1.2/userperm/index.html
hopefully that is helpful.
thanks,
charlie