avalon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stephen McConnell <mcconn...@apache.org>
Subject Re: [phoenixjms] PhoenixJMS + MDS Release
Date Fri, 12 Sep 2003 13:53:26 GMT

Farr, Aaron wrote:

>>-----Original Message-----
>>From: Stephen McConnell [mailto:mcconnell@apache.org]
>>Sent: Friday, September 12, 2003 4:44 AM
>>To: Avalon Developers List
>>Subject: Re: [phoenixjms] PhoenixJMS + MDS Release
>>Sory for the delay in responding to this email - have been somewhat
>>preocupied with the release stuff.
>I understand.  I've been swamped with work myself lately.
>>J Aaron Farr wrote:
>>>1. Security Policies:
>>>   The Phoenix SAR doesn't require I have any special security policy,
>>>   but when I run the same code in merlin, I get all sorts of security
>>>   violations.  The solution is to add a policy file and include it in
>>>   the JVM options.  We might want to include a default policy file in
>>>   the Merlin distribution to help accommodate this.
>>A security file could only address the bootstrap process.  After
>>bootstrapping - the security policy would need to be established on a
>>per container/component basis.  I took a look at the security policy
>>file you have for the JMS server and immediately noticed that this is
>>tied to the deployment command line assumptions.  What we really need is
>>the potential to set the JMS server policies based on the deployment
>>scenario - otherwise it will not be usable in a composite scenario.
>The included security policy file is a bit of a kludge.  A lot of it is just
>trial and error.  Eventually I included the AllPermissions at the top but
>that's not a secure solution.

I've been digging through the security policy javadocs and related 
material. Based on this initial pass it seems clear that we need to 
setup some classes in Merlin as privaliged and from here, dynamically 
create privaliges based on deployment directives.

There is a issue here I mentioned in another thread concerning the 
repository model.  Once we start getting into the security side we are 
going to need to put policy information inside the <host> tag (inside 
the kernel repository declaration).  I think it would be wise if we 
update merlin before a release to declare the host name in an attribute 
instead of using the element value.  This will simplify things post 
release when dealing with host related policy.  Secondly, as an interim 
measure we could include an all permission policy to eliminate the issue 
you seeing. Is this just something we need to include in the .bat and 
.sh files?



Stephen J. McConnell

To unsubscribe, e-mail: dev-unsubscribe@avalon.apache.org
For additional commands, e-mail: dev-help@avalon.apache.org

View raw message