geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Diego L Espiñeira <espi...@yahoo.com.ar>
Subject Re: Custom EJB Security
Date Sun, 03 Dec 2006 05:40:27 GMT
I guess I have to implement/extend the following interfaces/classes
- org.apache.geronimo.j2ee.deployment.SecurityBuilder
- javax.security.jacc.PolicyConfiguration
- javax.security.jacc.PolicyConfigurationFactory
- java.security.Principal

Is that right? Just what you did with all that TripleSec stuff, right?
Well, now I need to know how this classes are suppose to fit together.
I need any explanation i.e. "class A calls B when C happens", etc.

When the authorization info gets updated?
How do I make the "SecurityProxy" read additional configuration such as
where to get the permissions and roles from (DBMS, XML, webservice,
etc).


On Sun, 2006-12-03 at 00:32 -0300, Diego L Espiñeira wrote:
> Hi
> It would be such an honor to participate.
> The case is I don't have much information about the JACC API and
> specification neither about how is this implemented in geronimo.
> I just need that information to get the job done.
> 
> 
> Thanks for your reply
> 
> On Sat, 2006-12-02 at 17:08 -0800, David Jencks wrote:
> > The SecurityProxy is a JBoss proprietary feature that Geronimo  
> > doesn't support.  At the moment we don't have anything directly  
> > comparable implemented.
> > 
> > Starting with j2ee 1.4 the "official" way to implement security  
> > dependent on the ejb method calls is to do it in a JACC provider.  In  
> > a JACC provider you can use the ejb method call in the determination  
> > of whether to grant an ejb permission to a caller.  I suspect we  
> > could write a JACC provider that delegated to something like the  
> > JBoss SecurityProxy.  When considering this before I was thinking  
> > more in terms of a rule engine, but certainly just writing code is  
> > simpler :-)
> > 
> > Would you be interested in working on an implementation of this?  I'm  
> > interested but currently short of time, but I'd be happy to discuss  
> > how to do it with you.
> > 
> > thanks
> > david jencks
> > 
> > On Dec 2, 2006, at 10:39 AM, Diego L Espiñeira wrote:
> > 
> > > Hi!
> > > I'm in the process to migrate to Geronimo an application originally
> > > build for JBoss.
> > > This application uses custom EJB security through implementing the
> > > org.jboss.security.SecurityProxy interface. How could this be done  
> > > with
> > > Geronimo. The reasons I've approached this issue that way and not the
> > > facade bean using isUserInRole are the tight integration with the
> > > application server architecture and that of this way I can write neat
> > > and more maintainable code.
> > >
> > > PD: sorry, my English sucks.
> > >
> > > Thanks in advance.
> > >
> > > __________________________________________________
> > > Correo Yahoo!
> > > Espacio para todos tus mensajes, antivirus y antispam ¡gratis!
> > > ¡Abrí tu cuenta ya! - http://correo.yahoo.com.ar
> > 
> 
> __________________________________________________
> Correo Yahoo!
> Espacio para todos tus mensajes, antivirus y antispam gratis! 
> Abr tu cuenta ya! - http://correo.yahoo.com.ar

__________________________________________________
Correo Yahoo!
Espacio para todos tus mensajes, antivirus y antispam gratis! 
Abr tu cuenta ya! - http://correo.yahoo.com.ar

Mime
View raw message