Java Dynamic Management Kit 5.1 Getting Started Guide

Previous: 2.6.1.5 Authorization
Next: 2.7 The SNMP Toolkit

2.6.1.6 Subject Delegation

Java DMK 5.1 provides for subject delegation. The idea is that a single connection authenticated with a trusted identity, the delegate, can perform operations on behalf of other identities, without having to authenticate those identities explicitly or to establish a different connection per identity.

The delegate must have a specific permission to perform operations on behalf of each identity it assumes. This permission can be specified with a wildcard, to allow delegation from a set of identities. Unlike most permission checks, this one happens even if there is no Java security manager.

Previous: 2.6.1.5 Authorization
Next: 2.7 The SNMP Toolkit