Re: Some questions

Charlie Lai (charlie@angeles.eng.sun.com)
Tue, 12 Jan 1999 10:51:29 -0800 (PST)

hi,

> I've read your Security architecture document.
> On the document you have plan to support User authentication policy
> at mid of 1997. So i suppose that you have already solution of user
> authentication mechanisms such as:
>
> explicit principal concept and classes
> user authentication primitives (both password-based and otherwise)
> cross-protection-domain principal authentication protocols
> general mechanisms for authorization and delegation

we are in the midst of designing the authentication framework.
we do have an explicit principal concept and classes.
we also support pluggable user authentication, meaning
you can plug in a password-based module or any other
type of module (biometric, smart card, etc).
the architecture accomodates cross-domain authentication
(again this depends on the plug-in module implementation).
finally, the architecture has authorization (access control)
built in.

the APIs and documentation will hopefully be available shortly.
check http://java.sun.com/security

thanks,
charlie