avalon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Donald <pe...@apache.org>
Subject Re: LogKit and log4j
Date Sun, 12 May 2002 00:11:23 GMT
On Fri, 10 May 2002 22:41, Gonzalo A. Diethelm wrote:
> > > * Are there any BASIC components/abstractions in Avalon to deal
> > >   with security? By that I mean authentication and authorization
> > >   (as in role-based permission management).
...
> Would there be any value in creating one? A very generic interface-
> based security abstraction? 

Yes there is a bunch of interest :) Any serious application that needs to 
add/remove Users to the system and to manage roles etc needs something to get 
it going.

You may want to have a look at 

jakarta-avalon-cornerstone/src/java/org/apache/avalon/cornerstone/services/security/*

It has some interfaces to define RoleManagement and Authorization. It does not 
do any authentication management but it sorta assumed that JAAS would be used 
for that.

> Something along the lines of:

Looks interesting but I would be more likely to use a system that used the 
built in classes of JVM. ie User --> Principle, Action --> Permission.

>
> interface User {
>   User(String identity);
>   String getIdentity();
> }
>
> interface Credential {
>   Credential(String data);
>   String getData();
> }
>
> interface Authenticator {
>   boolean checkUserCredential(User user, Credential credential);
> }
>
> interface Action {}
>
> interface Authorizer {
>   boolean canUserDoThis(User user, Action action);
> }
>
> interface Session {
>   void setUser(User user);
>   User getUser();
>
>   void setAuthenticator(Authenticator authenticator);
>   Authenticator getAuthenticator();
>
>   void setAuthorizer(Authorizer);
>   Authorizer getAuthorizer();
>
>   void authenticateUser(Credential credential);
>   boolean isUserAuthenticated();
>
>   boolean canUserDoThis(User user, Action action);
> }

-- 
Cheers,

Peter Donald


--
To unsubscribe, e-mail:   <mailto:avalon-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:avalon-dev-help@jakarta.apache.org>


Mime
View raw message