jakarta-general mailing list archives

From "Preston L. Bannister" <pres...@home.com>
Subject RE: Security and Jakarta?
Date Thu, 04 Nov 1999 22:51:47 GMT
I have finally had some time to stare at the Tomcat security code
(org.apache.tomcat.security.RealmConnector and friends).

At Jon's insistence :) I have also looked at the Dash security code
(com.workingdogs.dash.util.access.* and friends).

There is a fair amount of commonality, and there are good ideas in each.
There are also bits missing, that I believe are important.

The bit entirely missing from both is the notion of deep identifiers (like
uuid's) for users and groups (roles?).  A servlet based application may
archive secured objects to off-line storage and needs something a bit more
stable than simply user/group names.

User and group names can change.

"Jane Smith" might get married and change her name to "Jane Doe".  You don't
want to (or can't) re-write all the permissions on application-managed
secured objects, and you don't want permissions to get lost.

When "Sally Fields" leaves the company, the corresponding user may get
deleted from the security database.  If years later another "Sally Fields"
joins the company, she could get assigned the same user name.  Customers
don't like it when the new user accidentally inherits the old user's
permissions.

So you need something deeper than user names to uniquely identify a user or
group.

In Java you can get UID's via the java.rmi.server.UID class that might be
usable for this purpose (if implementing a proprietary security scheme).
Windows NT associates usable SID's with user definitions.  Unix offers uid's
(that are simple integers *not* UID's) that are not really suitable.  I
don't know how this works out with LDAP and other directory servers.

I haven't quite figured out if Dash's notion of roles and permissions
exactly matches up with the Tomcat scheme.
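
The renaming and name-reuse cases described in the message above, as an added example that is not part of the original message and is not Tomcat or Dash code. All class and method names are hypothetical, and java.rmi.server.UID stands in for whatever stable identifier a real user store provides. With the name-keyed ACL, Jane loses her grant after the rename and the new "Sally Fields" inherits the old one; the id-keyed ACL does neither.

```java
import java.rmi.server.UID;
import java.util.*;

public class StableIdAclDemo {
    // Hypothetical user directory: current (mutable) user name -> stable identifier.
    static final Map<String, UID> directory = new HashMap<>();
    // Two ACLs for the same archived object: one keyed by name, one by stable id.
    static final Set<String> aclByName = new HashSet<>();
    static final Set<UID> aclById = new HashSet<>();

    static void createUser(String name) {
        directory.put(name, new UID()); // fresh id for every account, never reused
    }

    static void rename(String oldName, String newName) {
        directory.put(newName, directory.remove(oldName)); // the id travels with the user
    }

    static void deleteUser(String name) { directory.remove(name); }

    static void grant(String name) {
        aclByName.add(name);
        aclById.add(directory.get(name));
    }

    static boolean allowedByName(String name) { return aclByName.contains(name); }

    static boolean allowedById(String name) {
        UID id = directory.get(name);
        return id != null && aclById.contains(id);
    }

    static void report(String name) {
        System.out.println(name + ": by name=" + allowedByName(name)
                + ", by id=" + allowedById(name));
    }

    public static void main(String[] args) {
        createUser("Jane Smith");   grant("Jane Smith");
        createUser("Sally Fields"); grant("Sally Fields");

        rename("Jane Smith", "Jane Doe");   // same person, new name
        report("Jane Doe");

        deleteUser("Sally Fields");         // original user leaves
        createUser("Sally Fields");         // a different person gets the same name
        report("Sally Fields");
    }
}
```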

