Well, that's true for the business objects implementing services. Sorry that
I didn't make that clearer. 

What I have in mind are domain objects actually modelling the data,
protected by Acegi. Imagine an Account class that offers a method called
getBalance() and that method is protected with Acegi. The actual Account
instance is loaded in the server tier and proxied with AOP Alliance classes
to intercept the MethodInvocation. The MethodInvocationInterceptor is also
linked with the AccessDecisionManager instance of the server. Everything
fine so far.

But then, this Account instance has to be sent to the web tier, because I
want to display the Account to a user. Perhaps in order to change the name
of the Account owner, but NOT the balance. As far as I know the Acegi
framework, every MethodSecurityInterceptor, AccessDecisionManager, etc.
would get lost on the way to the web tier, either leaving the object
unprotected or causing exceptions.

Now I wonder if there is any recommended way to address this problem (if
it's a problem).



> -----Original Message-----
> From: Ben Alex [mailto:[EMAIL PROTECTED]
> Sent: Thursday, 3 March 2005 12:41
> To: [email protected]
> Subject: Re: [Acegisecurity-developer] Using Acegi in distributed
> environment
> 
> 
> Andreas Prohaska wrote:
> 
> > I bet that most of us use Acegi in some kind of EJB or servlet tier, but I
> > expect problems when AOP proxied object instances are sent over the wire.
> > Imagine the case that you want to protect your business model objects with a
> > MethodInvocationInterceptor. Another problem seems to be Serialization used
> > during HttpSession replication in the web tier. I doubt that this could
> > work. Please correct me, if I'm wrong.
> >  
> >
> I'm not sure what the problem would be. Your services layer beans will
> still be located on the original machine (the server). Your client
> machine just has a proxy stub, generated from the services layer
> interface. The AOP will still take place on the server and
> never be proxied.
> 
> Best regards
> Ben
> 
> 
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from 
> real users.
> Discover which products truly live up to the hype. Start reading now.
> http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
> _______________________________________________
> Home: http://acegisecurity.sourceforge.net
> Acegisecurity-developer mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
> 
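
Added example, not part of the original messages and not Acegi code: a plain JDK dynamic proxy stands in for the AOP security proxy to show both outcomes the message above anticipates when an Account crosses a tier boundary via Java serialization. The Account interface, AccountImpl, GuardHandler and the sample values are hypothetical, and the handler being non-serializable is an assumption of the demo.

```java
import java.io.*;
import java.lang.reflect.*;

public class ProxySerializationDemo {
    // Hypothetical domain type, modelled on the Account described in the message.
    public interface Account { String getOwner(); long getBalance(); }

    public static class AccountImpl implements Account, Serializable {
        private final String owner;
        private final long balance;
        public AccountImpl(String owner, long balance) { this.owner = owner; this.balance = balance; }
        public String getOwner() { return owner; }
        public long getBalance() { return balance; }
    }

    // Stand-in for a security interceptor. Assumption: like an interceptor wired to
    // server-side components, it is deliberately NOT Serializable.
    static class GuardHandler implements InvocationHandler {
        private final Object target;
        GuardHandler(Object target) { this.target = target; }
        public Object invoke(Object proxy, Method m, Object[] args) throws Throwable {
            if (m.getName().equals("getBalance")) throw new SecurityException("access denied");
            return m.invoke(target, args);
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(o); }
        return buf.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        AccountImpl raw = new AccountImpl("alice", 1200); // constructed sample data
        Account guarded = (Account) Proxy.newProxyInstance(Account.class.getClassLoader(),
                new Class<?>[] { Account.class }, new GuardHandler(raw));

        // Server tier: the call goes through the handler and is refused.
        try { guarded.getBalance(); }
        catch (SecurityException e) { System.out.println("server tier: " + e.getMessage()); }

        // Outcome 1: shipping the proxy fails, because its handler cannot be serialized.
        try { serialize(guarded); }
        catch (NotSerializableException e) { System.out.println("proxy not serializable: " + e.getMessage()); }

        // Outcome 2: shipping the bare target works, but the copy carries no interceptor.
        byte[] wire = serialize(raw);
        Account copy = (Account) new ObjectInputStream(new ByteArrayInputStream(wire)).readObject();
        System.out.println("web tier copy, balance readable: " + copy.getBalance());
    }
}
```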

