JAAS 学习笔记

JAAS

Resource:http://hintcnuie.iteye.com/blog/245239

 
Authentication, Authorization and Access Control
The primary goal of JAAS is to manage the granting of permissions and performing security checks for those permissions.
 
1.Authentication
1.1 Concept
Principal is one of identifers of a subject.
Subject is a collection of principals.
Credential is a prove of principal, it could be any type of object.  
Authentication:The process to identify subject and attach credentials and principals to a subject.
LoginModule: provide a pluggable way to have system support JAAS.
                    used for authentication(login, and principals, credentials binding)
                    ( authentication technology providers interface)
LoginContext:describes the basic methods used to authenticate Subjects and provides a way to develop an
                    application independent of the underlying authentication technology.
                    ( Application Interface)            
Configuration:determine which LoginModules should be used,
                     and which ones must succeed in order for the overall authentication to succeed(consits of AppConfigurationEntrys).
CallbackHandler: communicate and interact with users to gather identification information
CallBack: store information gathered by CallbackHandler;
  
1.2Authentication Progress
Application employ LoginContext to get a authenticated Subject. At this time, LoginContext will ask the Configuration for the
plugined LoginModules, and call each LoginModule to attach principals and credentials to  Subject(owned by each LoginModule or LoginContext).
Before each LoginModule attach principals and credentials, there will be a chance for LoginModule to judge whether to attach or not,
it employ CallbackHandler to collect informations in the CallBacks. If the collected information is valid, it could do attach now(in LoginContext is commit).
 
2.Authorization && AccessControl
2.1 Concept
Permission defines what kind of actions on a target.
Permission = Permission Type + Target(permission effect on) + Action(Optional)  
Not a subject but principal is assigned to a permission(defined by policy).

 

Policy: defines which permission are granted to a given security context(principal).( Deploying time And RunTime
Authorization: binding permissions to princpals(policy)
Acess Control: access sensitive code employ AccessControler or Security Mananger to check subject have the right to access resources.
ProtectDomain: encapsulates a set of classes whose instances are granted a set of permissions when being executed on behalf of a given
                        set of Principals.
2.2 Acess Control Progress
 

3. Two Extensible Interface
  Subject -- Principals -- Permission: Jaas employs Pricipals to decouple the Subject and Principals.
 
  Configuration: support to dynamicly or staticly add/remove/edit LoginModules which attach pricipals to Subject.
                        It judges which pricipals a Subject could have.
 
   Policy: support to dynamicly or staticly add/remove permissions to a principal.
             It judges which permissions a principal could have.

4. JAAS in Tomcat
   Realm: as LoginModule, authenticate a user based on a username and password, adding “roles” to that user if authentication was successful.
             defined as Realm in server.xml  
   Role: as Principal, defined as security-role in web.xml  
   Authenticator: as access controller to take access control function. defined as login-config in web.xml.
               It look down security-constraint to check.
     
  
 
 
 
 
 

 

内容概要:本文探讨了在MATLAB/SimuLink环境中进行三相STATCOM(静态同步补偿器)无功补偿的技术方法及其仿真过程。首先介绍了STATCOM作为无功功率补偿装置的工作原理,即通过调节交流电压的幅值和相位来实现对无功功率的有效管理。接着详细描述了在MATLAB/SimuLink平台下构建三相STATCOM仿真模型的具体步骤,包括创建新模型、添加电源和负载、搭建主电路、加入控制模块以及完成整个电路的连接。然后阐述了如何通过对STATCOM输出电压和电流的精确调控达到无功补偿的目的,并展示了具体的仿真结果分析方法,如读取仿真数据、提取关键参数、绘制无功功率变化曲线等。最后指出,这种技术可以显著提升电力系统的稳定性与电能质量,展望了STATCOM在未来的发展潜力。 适合人群:电气工程专业学生、从事电力系统相关工作的技术人员、希望深入了解无功补偿技术的研究人员。 使用场景及目标:适用于想要掌握MATLAB/SimuLink软件操作技能的人群,特别是那些专注于电力电子领域的从业者;旨在帮助他们学会建立复杂的电力系统仿真模型,以便更好地理解STATCOM的工作机制,进而优化实际项目中的无功补偿方案。 其他说明:文中提供的实例代码可以帮助读者直观地了解如何从零开始构建一个完整的三相STATCOM仿真环境,并通过图形化的方式展示无功补偿的效果,便于进一步的学习与研究。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值