axis-java-dev mailing list archives

From "Yuhichi Nakamura" <NAKAM...@jp.ibm.com>
Subject Re: Security Architecture
Date Wed, 11 Apr 2001 11:40:35 GMT

Dug,
I understand your point.  You can do anything with the current architecture.
My point is that if you rely on the platform function, you can do typical cases
more easily.  For example, you can define roles relating to users with J2EE.
Therefore, you do not have to implement anything for role-based authorization.
Furthermore, it is based on a standard, so tools to define user-role mapping
are also provided as products.  I am not sure whether you can perform access
control for EJB with the handler approach.  Any idea on this?

When I want to provide HTTP and HTTPS AxisServlets, should they refer
to an identical AxisServer?

We have not discussed J2EE yet. Shouldn't we consider how to map
Axis to J2EE architecture?

As for codebase, would you draw a design picture?  It is hard to understand.

Best regards,

Yuhichi Nakamura
IBM Tokyo Research Laboratory
Tel: +81-462-73-4668


From: "Doug Davis" <dug@us.ibm.com> on 2001/04/11 19:46

Please respond to axis-dev@xml.apache.org

To:   axis-dev@xml.apache.org
cc:
Subject:  Re: Security Architecture



Yuhichi,
  The current code does not do what you think it does.  Yes, everything
goes through one servlet, but the authorization to each particular service,
including the admin functions, is restricted by the authentication
and authorization handlers.  There are very (very!) basic auth. handlers
in there right now that do actually demonstrate how access can be
controlled on a service by service basis.  The Axis architecture is flexible
enough to allow you to plug in your own auth. handlers to implement any
type of control mechanism that fits your needs.

If the entire chaining architecture is one that makes implementing certain
types of security features impossible (or even hard) please explain this
so that we can try to change it.

-Dug


"Yuhichi Nakamura" <NAKAMURY@jp.ibm.com> on 04/11/2001 02:09:06 AM

Please respond to axis-dev@xml.apache.org

To:   axis-dev@xml.apache.org
cc:
Subject:  Security Architecture



Folks,
I have been looking at the current code base to add security features.
However, I feel that the current code is very messy, and not comprehensive.
I would propose to clean up the code.

For the security architecture, I would suggest to rely on platform features
rather than our own proprietary stuff.  For example, before developing
authentication handlers, we should consider how to utilize security functions
provided by servlet engines (and J2EE).

We have a big security issue in Apache SOAP.  Deployment and service execution
are performed via a "same" servlet.  Therefore, once you provide a servlet
for services, anyone can perform deployment with the same servlet.  Axis seems
to inherit this bad nature.

I would suggest to define service groups, and each group is mapped to a
particular servlet.  A single servlet for handling all services is not a good
idea.  For deployment, I would never use AdminClient, rather would prepare
configuration files that are loaded when AxisEngine or Registry is
instantiated.

Note that as for EJB, a single servlet approach is ok because "role assignment"
can be shared between Web and EJB containers.

Anyway, I want to experiment with such a security architecture based on the
codebase.  But I almost gave up because I could not understand it.  Can someone
tell me the mechanism of deployment and service look-up?

Any comment/suggestion is appreciated.

Best regards,

Yuhichi Nakamura
IBM Tokyo Research Laboratory
Tel: +81-462-73-4668
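
As an added illustration (not part of the original thread, and not Axis project configuration), the platform-based approach proposed in the first message, with service groups mapped to separate servlets and role checks left to the servlet container, could be expressed in a `web.xml` deployment descriptor like this. The servlet names, URL patterns, role name, realm name and the servlet class name are assumptions.

```xml
<!-- Added illustration; all names, paths and roles below are constructed. -->
<web-app>
  <!-- One servlet declaration per service group -->
  <servlet>
    <servlet-name>PublicServices</servlet-name>
    <!-- assumed class name for the Axis servlet -->
    <servlet-class>org.apache.axis.transport.http.AxisServlet</servlet-class>
  </servlet>
  <servlet>
    <servlet-name>AdminServices</servlet-name>
    <servlet-class>org.apache.axis.transport.http.AxisServlet</servlet-class>
  </servlet>

  <servlet-mapping>
    <servlet-name>PublicServices</servlet-name>
    <url-pattern>/services/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>AdminServices</servlet-name>
    <url-pattern>/admin/*</url-pattern>
  </servlet-mapping>

  <!-- The container, not a handler, enforces who may reach the admin group.
       No http-method is listed, so the constraint covers every HTTP method. -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Deployment and admin</web-resource-name>
      <url-pattern>/admin/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>axis-admin</role-name>
    </auth-constraint>
    <!-- Require HTTPS for this group; plain HTTP requests are redirected or refused -->
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Axis</realm-name>
  </login-config>

  <!-- The same role name can be mapped to users by the container's tooling -->
  <security-role>
    <role-name>axis-admin</role-name>
  </security-role>
</web-app>
```

The container only sees the request URL, so this separation protects deployment only if the servlet behind `/services/*` does not itself accept deployment requests; otherwise the shared-servlet problem described in the first message remains.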
