Steve, I was reminded of this too. I thought the scenario resembled the Façade pattern, which defines a higher level of interface to sub-systems or individual functional implementations. I don't know if that's quite right since the Façade is supposed to represent the sub-system(s) instead of providing a clearinghouse, but the similarities of purpose are there. Was that the one?
Consequently, a great link sent to me the other day by a co-worker contains a "Catalog of Non-Software Examples of Design Patterns". Great analogies for software-related patterns. http://www.agcs.com/supportv2/techpapers/patterns/papers/tutnotes/ Hope this helps, or is at least interesting. :-) Mike Diehl Extreme Logic Senior Consultant, Mid-Atlantic Practice -----Original Message----- From: Steve Holak [mailto:[EMAIL PROTECTED] Sent: Thursday, August 21, 2003 3:41 PM To: [EMAIL PROTECTED] Subject: Re: [ADVANCED-DOTNET] Design Puzzle Janis, I don't have the book handy, but somewhere in the back of my mind there's a nagging thought that there's a (GOF) Design Pattern that would fit your situation, but it honestly escapes me ATT. Hope this spurs a thought or advice from someone else on this list. --sorry Steve Holak Senior Software Architect Brokerage Concepts IS Dept. 610-491-4879 email: [EMAIL PROTECTED] Janis Braslins <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Sent by: "Moderated cc: discussion of advanced .NET Subject: [ADVANCED-DOTNET] Design Puzzle topics." <[EMAIL PROTECTED] VELOP.COM> 08/21/2003 02:16 PM Please respond to "Moderated discussion of advanced .NET topics." I am in a bit of a bind here. If you have a few minutes, perhaps you could help me out with this architecture design issue. SPEC: 1) We have a central object/assembly that has permissions to access certain elements that no other object of the application can. We call it SECURITY object. 2) We have numerous objects compiled and invoked at runtime that will be performing calls to the SECURITY object. We refer to them as PLUGINS. The source of every PLUGIN is assumed to be "unsafe". When each PLUGIN is compiled into assembly, it's FileIO/Registry and other sensitive permissions are being refused. The intention is to let the PLUGINS access sensitive information via SECURITY object. 3) SECURITY object is tasked with compilation of PLUGINS at runtime. It's important to note that multiple instances of the same PLUGIN will be able to coexist at the same time and operate independently. 4) When an instance of a compiled PLUGIN is being created, SECURITY object must assign it a certain role based on numerous external parameters not contained within the PLUGIN source. Those roles determine what functions of the SECURITY object those PLUGINS have access to. 5) The PLUGINS themselves should not be capable of changing their roles. 6) SECURITY object should be able to change the role of a certain _instance_ of a PLUGIN at runtime when some external conditions are met. PROBLEMS: 1) So, basically, we can't store the ROLE of the each instance of the PLUGIN within the PLUGIN itself, as it would then be able to modify it's own role. 2) We cannot use declarative custom security permission checks to limit the role each PLUGIN gets, as each instance of the PLUGIN can have a separate role. 3) We cannot use imperative custom security permission checks (I just don't see how it would work, please correct me if I am wrong) POSSIBLE SOLUTIONS: I've though of storing information regarding each instance of every PLUGIN created and activated inside SECURITY object. But that means SECURITY object should be aware of who the callers of it's methods are. We cannot require SECURITY object's methods to have a "caller" argument, as PLUGINS would be able to obtain a reference to the other PLUGINS with different roles, and pass those to the SECURITY object, faking their role. As far as I see, there's no way to obtain a reference to the caller object via StackTrace/StackFrame classes, only reference to the caller type. Since each instance of our PLUGIN can have a different role, that information is not sufficient to determine callers role. I AM STUCK ... Ideas anyone? =================================== This list is hosted by DevelopMentor® http://www.develop.com NEW! ASP.NET courses you may be interested in: 2 Days of ASP.NET, 29 Sept 2003, in Redmond http://www.develop.com/courses/2daspdotnet Guerrilla ASP.NET, 13 Oct 2003, in Boston http://www.develop.com/courses/gaspdotnet View archives and manage your subscription(s) at http://discuss.develop.com =================================== This list is hosted by DevelopMentor® http://www.develop.com NEW! ASP.NET courses you may be interested in: 2 Days of ASP.NET, 29 Sept 2003, in Redmond http://www.develop.com/courses/2daspdotnet Guerrilla ASP.NET, 13 Oct 2003, in Boston http://www.develop.com/courses/gaspdotnet View archives and manage your subscription(s) at http://discuss.develop.com =================================== This list is hosted by DevelopMentor® http://www.develop.com NEW! ASP.NET courses you may be interested in: 2 Days of ASP.NET, 29 Sept 2003, in Redmond http://www.develop.com/courses/2daspdotnet Guerrilla ASP.NET, 13 Oct 2003, in Boston http://www.develop.com/courses/gaspdotnet View archives and manage your subscription(s) at http://discuss.develop.com
