From: simon@godik.com
To: dev@geronimo.apache.org
Date: Sat, 24 Dec 2005 02:41:43 +0000
Subject: Re: Geronimo Security plans (from ApacheCon)
Hi David,

In addition, xacml will provide policy combination and delegation of rights

Simon

--- David Jencks wrote:

>At ApacheCon several of us got together to discuss security in
>Geronimo. These are my recollections, please expand/contradict/
>modify what I forgot or got wrong.
>
>People: Alan Cabrera, David Jencks, Kresten Krab Thorup, Hiram
>Chirino, Simon Godik (Others ???)
>
>Problems with the current implementation:
>
>- Distinction between client-side and server-side login modules is
>too hard to understand and too ad-hoc: security assertions are a
>better, standard, and more comprehensible way of getting the same
>functionality.
>
>- The LoginModule wrapping a set of login modules serves little purpose.
>
>Things we like and want to generalize somehow:
>
>- We'd like to extend the variety of approaches represented in the
>CORBA csiv2 model to other transports and contexts beyond CORBA
>
>How we might get there:
>
>Simon gave us some hints about SAML and XACML and IIUC pointed out
>that most of the basic ideas we need are worked out in detail in
>these specs and that we can implement these ideas without necessarily
>relying on the xml-centered implementation called for in the specs.
>In particular SAML extensively discusses security assertions which
>are a more powerful and systematic way of dealing with both the
>client/server login module problems and the information dealt with by
>csiv2. My current and very limited understanding is that SAML
>indicates what kind of security assertions can be made and how to
>transfer them between systems. XACML provides a framework in which
>(among many many other things) these security assertions can have
>effects on authentication and authorization decisions.
>
>
>Since ApacheCon I've started looking into XACML and SAML a tiny bit
>and although I am not thrilled by the pointy brackets I think this is
>an avenue we should investigate thoroughly. I think it can
>definitely provide the flexibility we want in the security model: I
>think the challenge will be making the configuration comprehensible
>and the implementation fast. From my very brief study it looks like
>XACML will provide a framework in which authorization rules that
>include the request info provided by JACC can be evaluated. I'm not
>sure what else it will bring us :-)
>
>
>Many thanks,
>david jencks
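The two ideas the thread turns on, evaluating authorization rules against the request attributes a JACC check would supply and combining the results of several rules the way XACML's combining algorithms do, as an added example. This is illustration code written for this archive page, not Geronimo code and not an XACML reference implementation; the attribute names ("role", "resource", "action"), the resource path, the roles and the three rules are all constructed for the example, and the Indeterminate result is left out to keep it short.

```java
import java.util.Arrays;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

/**
 * Added illustration (not Geronimo or XACML reference code): a minimal policy
 * decision point that evaluates rules against a request context and combines
 * their results with the XACML deny-overrides and permit-overrides algorithms.
 * Attribute names, resource paths, roles and rules are constructed for the example.
 */
public class XacmlCombiningDemo {

    /** XACML rule result; Indeterminate is omitted for brevity. */
    enum Decision { PERMIT, DENY, NOT_APPLICABLE }

    /** Request context: the attributes a JACC-style check would hand to the PDP. */
    static final class Request {
        private final Map<String, String> attrs = new HashMap<>();
        Request with(String name, String value) { attrs.put(name, value); return this; }
        String get(String name) { return attrs.get(name); }
    }

    /** A rule: a target (every listed attribute must match) and an effect when it matches. */
    static final class Rule {
        private final Decision effect;
        private final Map<String, String> target;
        Rule(Decision effect, Map<String, String> target) { this.effect = effect; this.target = target; }

        /** NOT_APPLICABLE when the target does not match; otherwise the rule's effect. */
        Decision evaluate(Request req) {
            for (Map.Entry<String, String> e : target.entrySet()) {
                if (!e.getValue().equals(req.get(e.getKey()))) return Decision.NOT_APPLICABLE;
            }
            return effect;
        }
    }

    /** deny-overrides: a single DENY decides; else PERMIT if any rule permitted; else NOT_APPLICABLE. */
    static Decision denyOverrides(List<Rule> rules, Request req) {
        boolean permitted = false;
        for (Rule r : rules) {
            Decision d = r.evaluate(req);
            if (d == Decision.DENY) return Decision.DENY;
            if (d == Decision.PERMIT) permitted = true;
        }
        return permitted ? Decision.PERMIT : Decision.NOT_APPLICABLE;
    }

    /** permit-overrides: a single PERMIT decides; else DENY if any rule denied; else NOT_APPLICABLE. */
    static Decision permitOverrides(List<Rule> rules, Request req) {
        boolean denied = false;
        for (Rule r : rules) {
            Decision d = r.evaluate(req);
            if (d == Decision.PERMIT) return Decision.PERMIT;
            if (d == Decision.DENY) denied = true;
        }
        return denied ? Decision.DENY : Decision.NOT_APPLICABLE;
    }

    /** Builds a target from name/value pairs, e.g. target("role", "admin"). */
    static Map<String, String> target(String... pairs) {
        Map<String, String> t = new LinkedHashMap<>();
        for (int i = 0; i + 1 < pairs.length; i += 2) t.put(pairs[i], pairs[i + 1]);
        return t;
    }

    public static void main(String[] args) {
        // Constructed policy: managers may read payroll, nobody may delete it, admins may do anything.
        List<Rule> policy = Arrays.asList(
            new Rule(Decision.PERMIT, target("role", "manager", "resource", "/payroll", "action", "GET")),
            new Rule(Decision.DENY, target("resource", "/payroll", "action", "DELETE")),
            new Rule(Decision.PERMIT, target("role", "admin")));

        // Constructed requests; the third matches no rule at all.
        Request managerRead = new Request().with("role", "manager").with("resource", "/payroll").with("action", "GET");
        Request adminDelete = new Request().with("role", "admin").with("resource", "/payroll").with("action", "DELETE");
        Request clerkRead = new Request().with("role", "clerk").with("resource", "/payroll").with("action", "GET");

        for (Request req : Arrays.asList(managerRead, adminDelete, clerkRead)) {
            System.out.printf("%-8s %-9s %-7s deny-overrides=%-14s permit-overrides=%s%n",
                req.get("role"), req.get("resource"), req.get("action"),
                denyOverrides(policy, req), permitOverrides(policy, req));
        }
    }
}
```

The point to take from running it is the admin DELETE request: the explicit DENY rule and the blanket admin PERMIT rule both apply, so deny-overrides refuses it while permit-overrides allows it. The combining algorithm is part of the policy, not a detail of the engine, which is why "making the configuration comprehensible" is the hard part. The clerk request matches nothing and comes back NOT_APPLICABLE under both algorithms; a deny-biased enforcement point treats that as a refusal, and that mapping belongs at the enforcement layer, not in the PDP.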