[ http://issues.apache.org/jira/browse/AXIS2-1110?page=comments#action_12433316 ] Ming Cheung commented on AXIS2-1110: ------------------------------------
Adding new permissions the policy file(s) sometimes may not be enough to resolve the privilege issues. Acutally, I am thinking of introducing a new AccessController class into the CORE module. This new AXIS2 AccessController is a class which delegates all doPrivileged calls to correspondent APIs defined in java.secuirty.AccessController class. One of the main reason for introducing this new AXIS2 AccessController Class is to improve the runtime performance when java security is not enabled. Here is a link which talks more about the usage of Java 1.5.0's doPrivileged constructs http://java.sun.com/j2se/1.5.0/docs/guide/security/doprivileged.html > Java 2 Security > --------------- > > Key: AXIS2-1110 > URL: http://issues.apache.org/jira/browse/AXIS2-1110 > Project: Apache Axis 2.0 (Axis2) > Issue Type: New Feature > Components: core > Environment: Supporting Axis2 runs inside of an environment with Java > 2 Security enabled > Reporter: Ming Cheung > > We need a feature which can provide us fine-grained access control to grant > privileges when the codes needed, and to have code operate with the minimum > necessray privileges. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
