Automated RBAC Java Security Tool Released

Injects role-based access control security into legacy Java apps

• By Becky Nagel
• 02/21/2008

McLean, Va.-based Advanced Modeling Concepts has released a Java security tool that helps developers add security to existing Java applications. The product adds role-based access control (RBAC) security via a tool called AfterthoughtSoft-Secure.

Organizations can use the product to inject Java authentication and authorization (JAAS) security into legacy code. It can work with any Java applications that use the JAR (Java Archive) file format. The solution is designed mostly to work with client-side applications, according to company literature.

The product identifies what needs to be secured in the runnable JAR file and creates a copy of the file with the RBAC security inserted, according to the company.

"One of the hardest parts of dealing with JAAS implementations is getting the security policy files done correctly," commented Advanced Modeling Concepts' CEO Bart Jenkins in a prepared statement. "The tool automatically generates all the necessary .java.policy and .java.login.config files for you."

Advanced Modeling Concepts has released three versions of AfterthoughtSoft-Secure: Community, Pro and Enterprise.

The free community edition covers only "text file-based RBAC." The Pro edition adds NT, Unix and Linux security. The Enterprise Edition offers LDAP and Kerberos V support. Introductory pricing through February for the Pro and Enterprise editions is $29 and $99, respectively.

More information on all the versions can be found here.