tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: config diag, etc
Date Wed, 04 Aug 1999 19:41:59 GMT
> > Will the client pool the config information using a get method or will the
> > config service push the data ( or both )?
> Most likely both, as more options at the outset aren't bad.

Great, but will it be one interface that supports both pull and push, or 2
different APIs ?

I guess that needs to be in the diagram - i.e. the client discuss via one
or 2 APIs to the configuration service. 

> > Will it support notification or will poll for changes ( and how can you
> > detect the individual changes if you use XML file) ?
> I think we need to support both of these.  It seems to me that it'd be nice to
> have event notification, but also is necessary to have polling ability (with
> checking (ie. diffs) done on the client side).

Great, so the API will need to support events. ( it's great because DOM
doesn't - so we removed one )

Again, if we want events ( now or in future ) we must also find how to
detect changes in the XML ( for example, if only the port changed, or just
a new web app was added). With a directory service it's trivial.
( without that, with XML it will be hard to manage individual changes )
> > can't specify that a certain tag is readable only be a certain user).
> > You also loose the event notification in LDAP.
> No, what I was thinking here is that the LDAP entry for a certain configuration file
> contain the appropriate XML, not generate it.

Oops. So where is LDAP, just a storage for XML files ( besides the fact
that LDAP was designed to store name/values, not files )? 

How can you then use any of the existing directory tools ( that expect a
name hierarchy )? What about existing GUIs ( that are generic enough for
NT, Netware, and routers - but will need now to understand our XML)?

What about LDAPs schema and validation? Just ignore it?   

If we want to use LDAP services in our config tool, I assume we should use
them as directory services - not as a file system.

> As for security, I'm assuming that we're going to implement some sort of authentication
> mechanism for this service (right James?) to restrict WHO can configure themselves
> off a specific instance of the service.  There'd have to be some pass-through authentication
> done with respect to LDAP and any other data store for that matter.

How do you specify that a certain user has access to a specific branch
only, using XML ? And how can you enforce that, if you use a file? 

Authentication of who use the service is one thing, authoriazation and
access control for individual branches is something else. 


View raw message