Michal Kleczek created RIVER-436:
------------------------------------
Summary: Codebase annotations should be objects implementing a
known interface instead od Strings
Key: RIVER-436
URL: https://issues.apache.org/jira/browse/RIVER-436
Project: River
Issue Type: Bug
Components: net_jini_core, net_jini_io, net_jini_security
Reporter: Michal Kleczek
Right now codebase annotations are Strings containing a space separated list of
URLs . This has several drawbacks:
1. Code downloading is not dynamically extensible. All the parties in the
network have to apriori agree on a set of URL handlers. Introduction of a new
provisioning mechanism - for example based on Maven - requires at least
reconfiguration of all participants
2. There is no way of verifying downloaded code before it is actually executed.
Right now a TrustVerifier is obtained and used only after a service proxy was
deserialized which enables untrusted code to execute during deserialization
(see also RIVER-362).
The idea is to make code downloading extensible. Codebase annotations should be
objects implementing a well known interface encapsulating the way how code is
downloaded.
Prior to execution codebase annotations would be verified for trust.
That way:
1. Clients are decoupled from the mechanism used to download service proxy code
2. No code is executed before verifying the codebase for trust.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
