Ladies and Gentlemen,
I have been giving alot of thought to possible security models and
access authorization architectures lately. Since Java has released
Java Authentication and Authorization Services (JAAS), I realized
that this was a standard way I could have all my companies apps
authenticate and authorize users in a standard manner. I have never
really liked the Servlet API's methods of authentication of end
users because you could not design your own ways of testing the
authentication. If you did, you could not take your application
to another Servlet Container.
As what I am about to outline will affect some semantics of the
Sitemap, this is something that would have to be affected in version
2.1 or later of Cocoon. JAAS has some very interesting ways of
creating your own LoginModules that set up authorizations, etc.
When there is need of feedback from the LoginModule, it uses a
CallbackHandler. The CallbackHandler will give a standard list
of questions and ways of responding to the questions. This is
straightforward.
At first you might think that you could create a Generator that
was a CallbackHandler and an Action that populated the Callback
array with the answers. While this is part of the solution, the
answer is more complicated. JAAS opperates by obtaining a LoginContext
for a login session initialized with the appropriate callbackhandler
and other information. You will then call the login() method
on that LoginContext. After the login is fully authenticated,
control returns to the login() method. This is pretty circuitous.
The full solution requires that the login() method be called from
the Sitemap. We would need to create a <map:handle-login/> entry
in the pipeline with the transformer and serializer set up. We would
also need to specify whether a client must be logged in for a specific
pipeline. Lastly, we need to have a JAAS executePipelineAction
that would be executed as a specific Subject. Lastly we would need
some Role based Permissions.
I think the higher sophistication of JAAS and the fact that solutions
are portable and customizable for the system is a benefit we can't
ignore. For Cocoon to be taken seriously in corporate settings where
secure information is prevalent, we need to take advantage of this
security model.
Please give me some feedback.
S/MIME Cryptographic Signature
