JBoss.orgCommunity Documentation

Chapter 1. Introduction

1.1. Authorization
1.1.1. Clean Separation between Security Logic and Application Logic
1.1.2. Flexibility to apply Security Logic to arbitrary Runtime information
1.1.3. Runtime Management of Security Policy
1.1.4. A user friendly Developer API

Once a Subject (an Identity, Machine, etc) is authenticated by a system, Authorization is the security aspect that is used to determine: "What resources are they allowed access to within the system?"

Any Enterprise application requires flexible Authorization from its Security infrastructure with the following characteristics: