commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gerhard Froehlich" <g-froehl...@gmx.de>
Subject RE: [simplestore] AccessControl
Date Wed, 20 Feb 2002 20:50:28 GMT
Juozas,

>> > 1. " Subject Has Permission on Class"
>> > 2. " Subject Has Permission on Method"
>> > 3. " Subject Has Permission on Object"
>>
>> ...with a simple solution... Hmm do we need a own interface for that to
>> capsulate this things? I started from scratch today design one, then I
>> clashed with the Java API.
>>
>> Somehow I like the simple solution in this article:
>> <http://www.javaworld.com/javaworld/jw-11-2000/jw-1110-proxy.html>
>
>Yes, this is "Subject Has Permission on Method" and
> "Subject Has Permission on All Methods" <=>"Subject 
>Has Permission on Class", 

Yes

>but " Subject Has Permission on Object" is not trivial it 
>means check like this:
>invoke(..., method ,...){
>// checkInvokeMethod( caller, method ); " Subject Has Permission on Method"
>   checkPermission( caller, method, OID  );// aditional param OID
>}
> example :
>
> AuthenticationManager.login("baliuka","baliuka");// login to current Thread
>......................................
>// next always throws Authorization exeption if have implementation for "
>Subject Has
>//  Permission on Object"
>MyUserInterface user =  user.find( MyUserInterface.class, "NotBaliuka"   );
> user.setPassword("baliuka");

Ok I see. I will start with some simple read and write security impl.
I think that comes "permission on method and class" relativ near, or?
For that I will create an own sub-package ..simplestore.persistence.security. Ok?
This will be the place for java.security.acl implementations. I will start
implementing this and then we will see how this object stuff fits in.

Maybe PersistenProxy gets an second constructor, or something else to handle
this securtiy things or not.

What do you think?

  ~Gerhard

--------------------------------------------
Give me ambiguity or give me something else.
--------------------------------------------

--
To unsubscribe, e-mail:   <mailto:commons-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:commons-dev-help@jakarta.apache.org>


Mime
View raw message