AT> It is indeed NOT applicable to Jakarta Authorization
AT> Permissions. permissions.xml (and it's associated XSD) was to
AT> declare for an application upfront which code based permissions
AT> were needed (e.g. permission to read file, update socket,
AT> etc). Jakarta Authorization doesn't deal with code based
AT> permissions, but only with subject based permissions (what is a
AT> subject, e.g. authenticated caller/logged-in user) allowed to do
AT> or not.
JA> I may have removed too many things if permissions.xml can be used
JA> for Jakarta Authorization permissions as well as Java security
JA> permissions.
EB> Yes, I wondered about that too. There was a dangling reference to
EB> text you removed. I removed the dangling reference in d44036f. If
EB> you put your text back, I’ll put the reference back.
JA> - If permissions.xml is NOT applicable to Jakarta Authorization
JA> permissions, then I agree that permissions XSD file for EE 11 can
JA> be removed and the one remaining reference to permissions.xml can
JA> be removed from the Platform specification.
I have removed it in
41c3940.
Ed