continuum-dev mailing list archives

From "Jesse McConnell" <jesse.mcconn...@gmail.com>
Subject Re: Continuum Security design
Date Wed, 19 Jul 2006 20:06:05 GMT
There was some discussion on irc about the security model so I wrote
up this description for review by everyone.

http://docs.codehaus.org/display/CONTINUUM/Straight+Role+Based+Access+Control

It doesn't have implementation details in it, it is just an attempt at
drawing together the different concepts we have been talking about
together so we can agree on 'what we want' and then we can focus on
'how to do it'.

personally, I think this basic idea could go into plexus (if it isn't
already there with jason's rbac stuff) pretty smoothly and then have
different implementations like carlos's acegi stuff...

but anyway, please review the above and comment

cheers!

jesse

On 7/18/06, Brett Porter <brett@apache.org> wrote:
> I've added my comments.
>
> I don't think we need domain ACLs - it's an interesting concept but it
> also worries me a little to have security as an afterthought - it's
> intrinsic to the design of the code in some ways (surely if you only
> want to give one person access to a subset of the data you also want to
> avoid going ahead and retrieving the data in the first place). Perhaps I
> misunderstand its intent.
>
> So, where are we at with this? I don't think it's healthy to keep a
> branch for too long on something so fundamental as it'll become hard to
> merge back in, but is Acegi proving to be both non-intrusive and capable
> of doing what we need? What state is it in?
>
> - Brett
>
> On 11/07/2006 8:41 AM, Carlos Sanchez wrote:
> > http://docs.codehaus.org/display/CONTINUUM/Security
> >
> > Please take a look and provide feedback on the semantics of what to
> > secure and to what level.
> >
>
>
> --
> Apache Maven - http://maven.apache.org/
> Better Builds with Maven - http://library.mergere.com/
>


-- 
jesse mcconnell
jesse.mcconnell@gmail.com
