-
Language:
English
-
Language:
English
Red Hat Training
A Red Hat training course is available for JBoss Enterprise Application Platform Common Criteria Certification
6.2.
- <authorization>
- This element contains <policy-module> elements that define the policy module used to authorize application users, and whether the module is required:When multiple <policy-module> elements are present, they form a collective group of requirements that must be met before authorization is verified. This collective group is called a stack.
- <policy-module>
- This element uses the
code
attribute to specify what policy module implementation an application can use, and theflag
attribute to tell the application how to parse each policy module present in the policy stack. Theflag
attribute supports the following values:- required
- The module must succeed for authorization to be successful. If any required <policy-module> fails, the authorization attempt will fail. The remaining modules in the stack are called regardless of the outcome of the module.
- requisite
- The module is required to succeed. If it succeeds, authorization continues down the stack. If it fails, control immediately returns to the application.
- sufficient
- The login module is not required to succeed. If it does succeed, control immediately returns to the application. If it fails, authorization continues down the stack.
- optional
- The login module is not required to succeed. Authorization still continues to proceed down the stack regardless of whether the module succeeds or fails.