river-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gregg Wonderly <gr...@wonderly.org>
Subject Re: River jar files in mvnRepository
Date Tue, 23 Mar 2010 14:42:32 GMT
Dennis Reedy wrote:
>> For new users, I think offering a couple of Maven archetypes would be
>> useful,
> Agree here, and not just for new users.

One of the predominant concerns for me, is the security of the endpoints so that 
rogue services and users on a LAN can not exploit the test environment, as well 
as creating separation of legitimate users on the same network.  What this 
implies to me, is that lookup groups should be employed, and secure jeri with 
SSL endpoints using machine generated rsa-2048 certs should be the default.

In a test environment, on the same machine, running out of an IDE, the 
configuration of all of this would be under the control of the IDE 
build/deployment environment (maven, ant or other build tools can do all the 
work so that it's not a "ide dependent" plugin).

Again, creating a simple com.sun.jini.start.ServiceStarter config should be 
straight forward, to start all of River.  To start selected services, something 
more IDE specific would perhaps be needed, or some standard config file that 
simply lists which River services you need.

The verbosity of the com.sun.jini.start.ServiceStarter config file is the issue 
I think we can deal with super easy.  Taking a simple list of services to start 
and having the file generated would be a tool to help developers.  But then 
being able to start ServiceStarter with that config automatically would be icing 
on the cake.

I am really interesting in the Groovy config work that Dennis has done with Rio. 
  The issue of course, is that we'd need to think seriously about only 
supporting a Maven environment to help developers pull in Groovy as a dependency 
if we chose to use groovy based config (it is an enhancement because it does 
make some things easier).

Imagine something simple like the following steps.

// Generate a new certificate file
rsaCert = Utilities.rsaCert( 2048 );
// Get the list of services we want to deploy.
services  = new String[] {
	"reggie", "mahalo", "javaspaces", "norm" };
// Get the configuration with the cert specified for use
config = Utilities.secureConfig( rsaCert, services );

Utilities.deployRiver( config );

Now this doesn't take into consideration all the customization that might occur, 
but it would use AllPermission for anything that connects with that certificate.

Logging configuration is another issue.  My http://logman.dev.java.net project 
has a Jini service that deploys as a Java LogManager instance using command line 
arguments to specify, through properties, how to deploy it.  Something like that 
might be another thing to include as a "better" River environment for testing.

Just thinking out loud...

Gregg Wonderly

View raw message