Hi Everyone,
I am a student and I am trying to develop a role based
Java desktop application for my project using Aspect Oriented Programming (AspectJ). After doing some research, I found that JAAS provides user based authorization. I have gone through some of the online materials and have successfully managed to get authentication bit working. The application so far asks for username and password (using sun's DialogCallbackHandler) and validates it against the username and password stored in a database (had to implement a new login module to add this functionality as this is not provided by sun's existing login modules).
Now JAAS supports Principal based authorization and I am trying to implement class as well as method based authorization. In my application, I will have a class Student which is a GUI form (with various other GUI classes) which retrieves information of students present in the database. Now not every user should be able to view student records i.e. in one way should not be able to create an instance of the class Student. Again if user can view records then he/she may be allowed only to view the records and not update or delete any of them i.e. methods such as update or delete will not be accessible to the user. As for now I am struggling to implement Class based authorization and need some help in this. Once I can get this working then I can focus on Method level authorization.
Could anyone give me some pointers what I need to do in-order to implement class or method level authorization (whichever is easier) or any-resource which might help me in this.
Please remember that this is a desktop application and not web application.
Looking forward to your reply.
Many Thanks for your help.
