Back to Security Pattern Catalog

Subject Descriptor

Classification Key : Core Security, Information Disclosure


The subjects of a system has many attributes that determine the type of privilege he will have in a system. How can the attributes be associated with a subject?


Provide access to security relevant attributes of an entity on whose behalf operations are to be performed.

Known Uses

Java Authentication and Authorization Service (JAAS) divides subject attributes into three collections – principals, private credentials, and public credentials..

Related Patterns

Security Context, Role Based Access Control


Open Group Catalog


Subject, Access Control


Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz