Why isn't AclImpl standard?

Keith L. Musser (kmusser@idisys.com)
Tue, 16 Jun 1998 15:14:44 -0500

From: "Keith L. Musser" <kmusser@idisys.com>
To: "'java-security@java.sun.com'" <java-security@web2.javasoft.com>
Subject: Why isn't AclImpl standard?
Date: Tue, 16 Jun 1998 15:14:44 -0500

Hi,

I need user Access Control security in the system I'm building.
So I've been looking at java.security.acl.

COMMENT: You don't provide an implementation of Acl and
AclEntry which I can use.

The logic for combining permissions is well-defined, but a little
involved. Why should I have to write my own implementation?

The implementation in com.sun.security.acl is...
(a) not standard (may not be in some JVM platforms)
(b) not Serializable -- I can't make my Acl persistent if I
base it on your AclImpl, unless I go through hoops to
rebuild it each time my application starts.