Hi Tsuy

You're right that it's probably not possible to have the permissions based on code-base, as the invoked service has its usual code-base. So maybe just making sure ssp are executed as anonymous independently of a logged-in user. However that way an ssp could still do things as privileged.

The other two variants are independent of the permission system. The first one would go like this: if a Service Interface is annotated with @AvailableFromSsp (or @SideEffectFree) then it is available with something like $[org.example.ServiceInterface], otherwise not. At the cost of more complexity (dynamic proxies) I think it would also be possible to annotate single methods as @SideEffectFree, so $[org.example.ServiceInterface].getValue() would work, but $[org.example.ServiceInterface].clear() would throw an Exception.

Are things clearer now?

Cheers,
Reto

On Wed, Nov 10, 2010 at 10:30 AM, Tsuyoshi Ito <[email protected]> wrote:

> Hi Reto
>
> 2010/11/9 Reto Bachmann-Gmür <[email protected]>:
>> I've been skeptical toward the proposal of allowing access to osgi services
>> from ssp. As an alternative I suggested a special in interface
>> (WebRenderingFunction) services can expose to provide a side-effect free
>> function to be used in ssp.
>>
>> It turns out that such a function needs flexibility both for arguments and
>> for return type. As an alternative I thought of following alternatives:
>>
>> - ssp can access any service, but by running with a particular set of code
>> base permissions they cannot successfully invoke functions that e.g. modify
>> an mgraph.
>> - ssp can access only services which are annotated indicating to be suitable
>> for that use
>> - as above but on method level (harder to implement)
>>
>
> I don't really understand how you would implement the first proposal.
> Can you please explain it in more detail (or can you give me a link
> where I can find more information about it). How would you set the
> code base permission? On class level? You wrote: "cannot successfully
> invoke functions" - do you mean invoke/use classes? If not, what is
> the difference between proposal 1 and proposal 3? Can you please make
> an example (on an abstract level).
>
> Thanks
> Tsuy
>
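
The method-level variant discussed in this thread, sketched as an added example that is not part of the original messages or the project's code: a dynamic proxy that forwards only annotated methods and denies everything else by default. The annotation definition, the ValueService interface and the forSsp helper are assumptions made for illustration.

```java
import java.lang.annotation.*;
import java.lang.reflect.*;

public class SspServiceGuard {

    /** Marker named in the thread; this definition is assumed, not the project's. */
    @Retention(RetentionPolicy.RUNTIME)
    @Target({ElementType.TYPE, ElementType.METHOD})
    public @interface SideEffectFree {}

    /** Constructed sample service interface (hypothetical). */
    public interface ValueService {
        @SideEffectFree String getValue();
        void clear(); // mutating, so deliberately not annotated
    }

    /** Hypothetical helper: wraps a service so ssp can reach annotated methods only. */
    @SuppressWarnings("unchecked")
    public static <T> T forSsp(Class<T> iface, T service) {
        // An annotation on the interface itself exposes every method it declares.
        boolean wholeInterface = iface.isAnnotationPresent(SideEffectFree.class);
        InvocationHandler handler = (proxy, method, args) -> {
            // Default deny: unmarked methods (including toString/hashCode/equals,
            // which are declared by Object) are never forwarded to the service.
            if (!wholeInterface && !method.isAnnotationPresent(SideEffectFree.class)) {
                throw new SecurityException(method.getName() + " is not available from ssp");
            }
            try {
                return method.invoke(service, args);
            } catch (InvocationTargetException e) {
                throw e.getCause(); // surface the service's own exception
            }
        };
        return (T) Proxy.newProxyInstance(
                iface.getClassLoader(), new Class<?>[] {iface}, handler);
    }

    public static void main(String[] argv) {
        ValueService real = new ValueService() {
            public String getValue() { return "42"; }
            public void clear() { System.out.println("cleared"); }
        };
        ValueService guarded = forSsp(ValueService.class, real);
        System.out.println(guarded.getValue());
        try {
            guarded.clear();
        } catch (SecurityException e) {
            System.out.println("denied: " + e.getMessage());
        }
    }
}
```

The annotation is only a declaration by the service author; nothing in the proxy verifies that an annotated method really has no side effects, so the marker has to be reviewed like any other access grant.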
