geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeremy Boynes <>
Subject Re: AW: Changes to OpenEJB interceptor stack
Date Wed, 26 May 2004 07:47:19 GMT
hbaxmann wrote:

> IMHO this is not a security issue at first. 
> If one divide the "security" into authenfication, authorization and
> auditing, then we have a iddentification issue here. The same problem will
> at least arise if one tries to establish something what is called today AOP:
> the 'turn-one-key-opens-all-doors' syndrome.
> I would vote for establishing an identity interceptor as the first in the
> message flow. He is marking the call with the identity of the caller. So one
> is able, even in threadlocal, to identifying who is in.
> absolutely wrong??

If I understand you correctly, I think that is what we are doing, except 
we don't use an actual ThreadLocal, we associate the Subject with the 
thread's AccessControlContext.

The question is where this should happen and how do we ensure it is done 
for all invocations including callbacks.


View raw message