avalon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Donald <pe...@apache.org>
Subject Re: shutdown phoenix gracefully
Date Sat, 31 Aug 2002 12:54:36 GMT

On Sat, 31 Aug 2002 22:14, Paul Hammant wrote:
> >>requestShutdown();
> >>
> >>   --> we can't be accused of not thinking about this one carefully
> >>(conversation started in Feb).
> >>
> >>How difficult will it be to fit permissions (environment.xml) onto this
> >>given multiple containers?
> >>
> >>      <revoke code-base="sar:SAR-INF/lib/*">
> >>        <permission
> >>class="org.apache.avalon.somepackage.AppShutdownViaBlockPermission" />
> >>      </revoke>
> >
> >Granting permissions are easy to implement (revoking is a PITA unless
> > JDK1.4 specific) but I am not sure they are necessary. The accompanying
> > javadoc indicates that it is just a request and need not be honored by
> > the container.
> So basically, the advice would be to grant a specific set of rights for
> the app (when All is not good enough).

Thats the way the java platform works in general. It dervies from javas need 
for flexible security combined with performance. With just grants you need to 
test once against compiled representation of permissions while if you had 
denys it require two tests.

JDK1.4 allows you to "recompile" the grant permission set so you can remove 
permissions from an set but you still don't have a standard mechanism for 
denies (unless you want to implement it differently in your own components).

> It is a shame that it is not like Ant's <include> <exclude> model.
>  Methinks, I may be shot down for holding that up as a good design!!


Much better for us - probably less good for admins though ;/


Peter Donald
Doubt is not a pleasant condition, but certainty is absurd.
                -- Voltaire 

To unsubscribe, e-mail:   <mailto:avalon-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:avalon-dev-help@jakarta.apache.org>

View raw message