db-jdo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik Bengtson <e...@jpox.org>
Subject securing data in JDO
Date Fri, 26 Oct 2007 16:03:55 GMT
I would like also to get some feedback about controlling access to data in a
standard JDO:

-	Users should be able to specify fine grained access control to persistent
objects.
-	JDO implementations raise exceptions if the authenticated user does not fit
into the role specified in the metadata

e.g.

<jdo>
<package>
<class name=”Person”>
<security principal=”adminuser”/>
</class>
</package>
</jdo>

Or

<jdo>
<package>
<class name=”Person”>
<field name=”controlCode”>
<security principal=”superuser”/>
</field>
</class>
</package>
</jdo>


The user code:

Person.getControlCode(); //If the principal is not valid, a JDOSecurityException
is raised.

A JDOQL:

SELECT controlCode FROM Person  //If the principal is not valid when evaluating
the query (not when compiling), a JDOSecurityException is raised.


Mime
View raw message