avalon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Donald <pe...@apache.org>
Subject Re: Phoenix Security
Date Thu, 20 Dec 2001 11:40:13 GMT
On Thu, 20 Dec 2001 22:30, Annasab Sunthe wrote:
> What kind/level of security does phoenix provides?

Phoenix just provides the standard Java2 codebase security. ie What you would 
previously define using a java.policy file you can define using 
environment.xml in phoenix apps.

I have implemented various security services in the past though have never 
been able to release them (as I didn't own the rights to them). From memory I 
broke it down into things like 

* RoleManagers - maps identities/usernames to roles
* IdentityManager - manages identities/usernames
* AuthenticationManager - how do you authenticate a client as a particular 
* PermissionManager - how to manage which roles have which permissions

They largely followed the J2EE recomendations from memory and I had a DB 
store, XML store, proeprties store and a LDAP store (though this one was only 
half implemented). Eventually they will be reimplemented in Cornerstone but I 
haven't got the cycles or motivation to do it right now. Feel free to 
volunteer to do it ! :)



Why does everyone always overgeneralize?

To unsubscribe, e-mail:   <mailto:avalon-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:avalon-dev-help@jakarta.apache.org>

View raw message