Back to Security Pattern Catalog




Subject Descriptor


Classification Key : Core Security, Information Disclosure

Problem

The subjects of a system has many attributes that determine the type of privilege he will have in a system. How can the attributes be associated with a subject?

Solution

Provide access to security relevant attributes of an entity on whose behalf operations are to be performed.

Known Uses

Java Authentication and Authorization Service (JAAS) divides subject attributes into three collections – principals, private credentials, and public credentials..

Related Patterns

Security Context, Role Based Access Control

Source

Open Group Catalog

Tags

Subject, Access Control


 

Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz