Return-Path: 
 <clerezza-dev-return-3578-apmail-incubator-clerezza-dev-archive=incubator.apache.org@incubator.apache.org>
Delivered-To: apmail-incubator-clerezza-dev-archive@minotaur.apache.org
Received: (qmail 27314 invoked from network); 10 Nov 2010 10:55:35 -0000
Received: from unknown (HELO mail.apache.org) (140.211.11.3)
  by 140.211.11.9 with SMTP; 10 Nov 2010 10:55:35 -0000
Received: (qmail 69745 invoked by uid 500); 10 Nov 2010 10:56:06 -0000
Delivered-To: apmail-incubator-clerezza-dev-archive@incubator.apache.org
Received: (qmail 69684 invoked by uid 500); 10 Nov 2010 10:56:05 -0000
Mailing-List: contact clerezza-dev-help@incubator.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:clerezza-dev-help@incubator.apache.org>
List-Unsubscribe: <mailto:clerezza-dev-unsubscribe@incubator.apache.org>
List-Post: <mailto:clerezza-dev@incubator.apache.org>
List-Id: <clerezza-dev.incubator.apache.org>
Reply-To: clerezza-dev@incubator.apache.org
Delivered-To: mailing list clerezza-dev@incubator.apache.org
Received: (qmail 69671 invoked by uid 99); 10 Nov 2010 10:56:04 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 10 Nov 2010 10:56:04 +0000
X-ASF-Spam-Status: No, hits=0.7 required=10.0
	tests=RCVD_IN_DNSWL_NONE,SPF_NEUTRAL
X-Spam-Check-By: apache.org
Received-SPF: neutral (nike.apache.org: local policy)
Received: from [74.125.82.43] (HELO mail-ww0-f43.google.com) (74.125.82.43)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 10 Nov 2010 10:55:56 +0000
Received: by wwb34 with SMTP id 34so593096wwb.0
        for <clerezza-dev@incubator.apache.org>;
 Wed, 10 Nov 2010 02:55:36 -0800 (PST)
MIME-Version: 1.0
Received: by 10.216.179.210 with SMTP id h60mr8179223wem.42.1289386535848;
 Wed, 10 Nov 2010 02:55:35 -0800 (PST)
Sender: reto@trialox.org
Received: by 10.216.29.133 with HTTP; Wed, 10 Nov 2010 02:55:35 -0800 (PST)
X-Originating-IP: [217.71.247.242]
In-Reply-To: <AANLkTikeHk1X=mhGHNZyj7OPbSL+2CopNe82SXKvA3cK@mail.gmail.com>
References: <1289325545.1455.14.camel@Nokia-N900-51-1>
	<AANLkTikeHk1X=mhGHNZyj7OPbSL+2CopNe82SXKvA3cK@mail.gmail.com>
Date: Wed, 10 Nov 2010 11:55:35 +0100
X-Google-Sender-Auth: P_lRckcxhmooJacgy_3swErDnp8
Message-ID: <AANLkTin+1XTfB90ze8VVy+h_HDJ0tg3Ga70pRGz4GJnw@mail.gmail.com>
Subject: Re: Accessing services from scala server pages
From: Reto Bachmann-Gmuer <reto.bachmann@trialox.org>
To: Tsuyoshi Ito <tsuy.ito@trialox.org>
Cc: clerezza-dev@incubator.apache.org
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Virus-Checked: Checked by ClamAV on apache.org

Hi Tsuy

You're right that its probably not possible to have the permssions
based on code-base, as the invoked service has its usual code-base. So
maybe just making sure ssp are executed as anonymous independently on
a logged in user. However that way an ssp could still do things as
priviledged.

The other two variants are independent of the permission system. Th
first one would go like this:

if a Service Interface is annotated with @AvailableFromSsp (or
@SideEffectFree) then it is available with something like
$[org.example.ServiceInterface] other not.

At the cost of more complexity (dynamic proxies) I think it would also
be possible to annote single methods as @SideEffectFree, so
$[org.example.ServiceInterface].getValue() would work, but
$[org.example.ServiceInterface].clear() would throw an Exception.

Are things clearer now?

Cheers,
Reto


On Wed, Nov 10, 2010 at 10:30 AM, Tsuyoshi Ito <tsuy.ito@trialox.org> wrote=
:
> Hi Reto
>
> 2010/11/9 Reto Bachmann-Gm=C3=BCr <reto.bachmann@trialox.org>:
>> I've been skeptical toward the proposal of allowing access to osgi servi=
ces from ssp. As an alternative I suggested a special in interface (WebRend=
eringFunction) services can expose to provide a side-effect free function t=
o be used in ssp.
>>
>> It turns out that such a function needs fleixibility both for arguments =
and for return type. As an alternative I thouht of following alternatives:
>>
>> - ssp can access any service, but by running with a particular set of co=
de base permissions they cannot succesfully invoke functions that e.g. modi=
fy an mgraph.
>> - ssp can access only services which are annotated indicating to be suit=
able for that use
>> - as abobe but on method level (harder to implement)
>>
>
> I don't really understand how you would implement the first proposal.
> can you please explain it in more details (or can you give me a link
> where I can find more information about it). How would you set the
> code base permission? On class level? You wrote: "cannot succesfully
> invoke functions" - do you mean invoke/use classes? If not, what is
> the difference between proposal 1 and proposal 3? Can you please make
> an example (on an abstract level).
>
> Thanks
> Tsuy
>