Jakarta Authorization defines a low-level SPI for authorization modules, which are repositories of permissions facilitating subject based security by determining whether a given subject has a given permission, and algorithms to transform security constraints for specific containers (such as Jakarta Servlet or Jakarta Enterprise Beans) into these permissions.
The primary goal of this release is to make Jakarta Authorization more suitable for cloud deployments, by adding an option to add policy providers programmatically for a single application. This mirrors the API available for Jakarta Authentication.
More specifically:
The JDK version required will be aligned with Jakarta EE 10.
The Specification Committee Ballot concluded successfully on 2021-06-09 with the following results.
| Representative | Representative for: | Vote |
|---|---|---|
| Kenji Kazumura | Fujitsu | +1 |
| Dan Bandera, Kevin Sutter | IBM | +1 |
| Ed Bratt, Dmitry Kornilov | Oracle | +1 |
| Andrew Pielage, Matt Gill | Payara | +1 |
| Scott Stark, Mark Little | Red Hat | +1 |
| David Blevins, Jean-Louis Monteiro | Tomitribe | +1 |
| Ivar Grimstad | EE4J PMC | +1 |
| Marcelo Ancelmo, Martijn Verburg | Participant Members | +1 |
| Werner Keil | Committer Members | +1 |
| Dr. Jun Qian | Enterprise Members | +1 |
| Total | 10 |
The ballot was run in the jakarta.ee-spec mailing list.
单击下面的规范以访问规范文档、Javadoc、技术兼容性工具包(TCK)以及每个版本的规范的兼容实现.
Jakarta EE Platform and Profile 规范是各个规范的总括规范。Jakarta EE Platform 包括大多数单独的规范,而 Profile 规范包括用于开发Web平台和微服务体系结构的单独规范.
每个单独的规范都描述了实现企业Java应用程序的特定方面的标准化方式.