geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Jencks (JIRA)" <j...@apache.org>
Subject [jira] Closed: (GERONIMO-3964) Concentrate spec security setup for webapps into one class. Consider not using excluded permissions
Date Wed, 04 Feb 2009 00:51:59 GMT

     [ https://issues.apache.org/jira/browse/GERONIMO-3964?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

David Jencks closed GERONIMO-3964.
----------------------------------

    Resolution: Fixed

Trunk has been without excluded permissions for some time and no problems have surfaced.

> Concentrate spec security setup for webapps into one class. Consider not using excluded
permissions
> ---------------------------------------------------------------------------------------------------
>
>                 Key: GERONIMO-3964
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-3964
>             Project: Geronimo
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: security
>    Affects Versions: 2.2
>            Reporter: David Jencks
>            Assignee: David Jencks
>             Fix For: 2.2
>
>
> The security building code is a bit spread out between the jetty/tomcat web module builders,
the parent AbstractWebModuleBuilder, and some classes in geronimo-security.
> (1) reorganize this so its easier to understand with all the code in a single package
in the abstract web module builder module.  Also, only use one call to do all the building.
> (2) Theoretically, excluded permissions are a bit weird.... why not simple not hand out
those permissions in the first place?  After the reorganization I'm planning to investigate
how plausible this is.  No excluded permissions fit better into a standard rbac framework
and are much easier to think about IMO.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message