incubator-clerezza-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reto Bachmann-Gmuer <>
Subject Re: Accessing services from scala server pages
Date Wed, 10 Nov 2010 10:55:35 GMT
Hi Tsuy

You're right that its probably not possible to have the permssions
based on code-base, as the invoked service has its usual code-base. So
maybe just making sure ssp are executed as anonymous independently on
a logged in user. However that way an ssp could still do things as

The other two variants are independent of the permission system. Th
first one would go like this:

if a Service Interface is annotated with @AvailableFromSsp (or
@SideEffectFree) then it is available with something like
$[org.example.ServiceInterface] other not.

At the cost of more complexity (dynamic proxies) I think it would also
be possible to annote single methods as @SideEffectFree, so
$[org.example.ServiceInterface].getValue() would work, but
$[org.example.ServiceInterface].clear() would throw an Exception.

Are things clearer now?


On Wed, Nov 10, 2010 at 10:30 AM, Tsuyoshi Ito <> wrote:
> Hi Reto
> 2010/11/9 Reto Bachmann-Gmür <>:
>> I've been skeptical toward the proposal of allowing access to osgi services from
ssp. As an alternative I suggested a special in interface (WebRenderingFunction) services
can expose to provide a side-effect free function to be used in ssp.
>> It turns out that such a function needs fleixibility both for arguments and for return
type. As an alternative I thouht of following alternatives:
>> - ssp can access any service, but by running with a particular set of code base permissions
they cannot succesfully invoke functions that e.g. modify an mgraph.
>> - ssp can access only services which are annotated indicating to be suitable for
that use
>> - as abobe but on method level (harder to implement)
> I don't really understand how you would implement the first proposal.
> can you please explain it in more details (or can you give me a link
> where I can find more information about it). How would you set the
> code base permission? On class level? You wrote: "cannot succesfully
> invoke functions" - do you mean invoke/use classes? If not, what is
> the difference between proposal 1 and proposal 3? Can you please make
> an example (on an abstract level).
> Thanks
> Tsuy

View raw message