Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jakartaee-platform-dev] Safe to remove permissions.xsd?
Hi,



On Tue, 9 Jul 2024 at 23:54, Jared Anderson via jakartaee-platform-dev <jakartaee-platform-dev@xxxxxxxxxxx> wrote:
- If permissions.xml is NOT applicable to Jakarta Authorization permissions, then I agree that permissions XSD file for EE 11 can be removed and the one remaining reference to permissions.xml can be removed from the Platform specification.

It is indeed NOT applicable to Jakarta Authorization Permissions. permissions.xml (and it's associated XSD) was to declare for an application  upfront which code based permissions were needed (e.g. permission to read file, update socket, etc). Jakarta Authorization doesn't deal with code based permissions, but only with subject based permissions (what is a subject, e.g. authenticated caller/logged-in user) allowed to do or not.

Kind regards,
Arjan Tijms


 

Back to the top