geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Jencks (JIRA)" <j...@apache.org>
Subject [jira] Created: (GERONIMO-3964) Concentrate spec security setup for webapps into one class. Consider not using excluded permissions
Date Thu, 17 Apr 2008 21:43:21 GMT
Concentrate spec security setup for webapps into one class. Consider not using excluded permissions
---------------------------------------------------------------------------------------------------

                 Key: GERONIMO-3964
                 URL: https://issues.apache.org/jira/browse/GERONIMO-3964
             Project: Geronimo
          Issue Type: Improvement
      Security Level: public (Regular issues)
          Components: security
    Affects Versions: 2.2
            Reporter: David Jencks
            Assignee: David Jencks
             Fix For: 2.2


The security building code is a bit spread out between the jetty/tomcat web module builders,
the parent AbstractWebModuleBuilder, and some classes in geronimo-security.
(1) reorganize this so its easier to understand with all the code in a single package in the
abstract web module builder module.  Also, only use one call to do all the building.

(2) Theoretically, excluded permissions are a bit weird.... why not simple not hand out those
permissions in the first place?  After the reorganization I'm planning to investigate how
plausible this is.  No excluded permissions fit better into a standard rbac framework and
are much easier to think about IMO.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message