avalon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Niclas Hedhman <nic...@hedhman.org>
Subject Re: Secure Kernel in Merlin
Date Sat, 03 Apr 2004 13:20:04 GMT
On Saturday 03 April 2004 19:14, Nader Aeinehchi wrote:
> Not only the authorization model may be different, but also each
> component may want to use a different authenticator.  Based on that
> experience, I got the idea that a cascading security model should be
> provided, in which each component has its own security model that cannot
> violate the security constraints imposed by its surrounding container.

What I have in mind is that the Authenticator is pluggable through the 
Context, so that the component doesn't know/care about how it is done, and 
will just request the service from Merlin. You would then be able to provide 
authenticators to each component independently (or collectively).

> Regarding "assign grants to 'components'  instead of codebases", I would
> think you can solve it by a special purpose classloader.  When a component
> is loaded by the classloader, simply assign the component its own
> codoesource, that is different from its physical codesource.  A similar
> approach is taken in Sun's J2EE 1.3 reference application server.

Thanks for the tip. This could be a good way forward. I (nor Stephen) won't be 
working on it in the very near future though, since we have some other pieces 
to clean up first, but I think it is next on the agenda after the 
Excalibur/Fortress/Cornerstone effort.

|   http://www.bali.ac         |
|  http://niclas.hedhman.org   |

To unsubscribe, e-mail: dev-unsubscribe@avalon.apache.org
For additional commands, e-mail: dev-help@avalon.apache.org

View raw message