avalon-phoenix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Igor Fedorenko <ifedore...@thinkdynamics.com>
Subject controlling access to blocks
Date Sun, 01 Sep 2002 05:17:47 GMT

I am finishing implementation of a coarse-grain access control for 
phoenix blocks and wonder if you are interesting in it.

What I am doing is pretty much driven by current ejb approach (if I got 
it right :-) but with some simplifications. Basically, application 
developer associates methods of service interface (sic) with logical 
role or roles allowed to call the method. You could specify "unchecked" 
as well as have settings for "all other methods" and, of course, there 
is xdoclet support for all this. Application assembler maps logical 
roles into physical roles of environment using simple xml file and 
configures security interceptors for blocks (I still hope to see 
interceptors committed into the cvs :-). I have JAAS interceptor but 
other could be written easily. I still have some issues to resolve, like 
how to assign security context with calls originated from phoenix 
blocks, but otherwise I am almost there. The code lives in application 
space but could be migrated into phoenix kernel if you would like to 
adopt it. So, what do you think?

Igor Fedorenko
Think smart. Think automated. Think Dynamics.

To unsubscribe, e-mail:   <mailto:avalon-phoenix-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:avalon-phoenix-dev-help@jakarta.apache.org>

View raw message