avalon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gonzalo A. Diethelm" <gonzalo.dieth...@aditiva.com>
Subject RE: LogKit and log4j
Date Fri, 10 May 2002 12:41:47 GMT
> > * Does LogKit by itself (i.e. not as Excalibur Logger) allow
> >   for plugging log4j or JDK 1.4 logging as "back-end"?
> 
> Commons logging package and Framework's logging abstraction are
> designed for the basic issue of letting you choose which logging
> package you want later on.  I would suggest using either of those
> if what you want is a common API.

Ok, I think your (and others') answer clarifies what I was asking.
I will go with the Framework logging abstraction.

> > * Are there any BASIC components/abstractions in Avalon to deal
> >   with security? By that I mean authentication and authorization
> >   (as in role-based permission management).
> > 
> 
> Not at this time.  The Avalon team chose to follow Sun's lead on
> authentication and authorization, or to defer those concerns to the
> container.  There are projects that use JAAS, the Servlet's
> authorization/
> role management, or a proprietary authorization service.
> 
> The problem is that many applications have different needs.  Some
> servers do not need to worry about authenticating users (like HTTP
> proxy servers), and others work fine with the standard mechanisms.
> 
> The bottom line is none of us have gotten around to creating such
> an abstraction.

Would there be any value in creating one? A very generic interface-
based security abstraction? Something along the lines of:

interface User {
  User(String identity);
  String getIdentity();
}

interface Credential {
  Credential(String data);
  String getData();
}

interface Authenticator {
  boolean checkUserCredential(User user, Credential credential);
}

interface Action {}

interface Authorizer {
  boolean canUserDoThis(User user, Action action);
}

interface Session {
  void setUser(User user);
  User getUser();

  void setAuthenticator(Authenticator authenticator);
  Authenticator getAuthenticator();

  void setAuthorizer(Authorizer);
  Authorizer getAuthorizer();

  void authenticateUser(Credential credential);
  boolean isUserAuthenticated();

  boolean canUserDoThis(User user, Action action);
}



-- 
Gonzalo A. Diethelm
gonzalo.diethelm@aditiva.com


--
To unsubscribe, e-mail:   <mailto:avalon-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:avalon-dev-help@jakarta.apache.org>


Mime
View raw message