[
https://issues.apache.org/jira/browse/RIVER-436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michal Kleczek updated RIVER-436:
---------------------------------
Priority: Minor (was: Blocker)
> Codebase annotations should be objects implementing a known interface instead
> of Strings
> ----------------------------------------------------------------------------------------
>
> Key: RIVER-436
> URL: https://issues.apache.org/jira/browse/RIVER-436
> Project: River
> Issue Type: Bug
> Components: net_jini_core, net_jini_io, net_jini_security
> Reporter: Michal Kleczek
> Priority: Minor
>
> Right now codebase annotations are Strings containing a space separated list
> of URLs . This has several drawbacks:
> 1. Code downloading is not dynamically extensible. All the parties in the
> network have to apriori agree on a set of URL handlers. Introduction of a new
> provisioning mechanism - for example based on Maven - requires at least
> reconfiguration of all participants
> 2. There is no way of verifying downloaded code before it is actually
> executed. Right now a TrustVerifier is obtained and used only after a service
> proxy was deserialized which enables untrusted code to execute during
> deserialization (see also RIVER-362).
> The idea is to make code downloading extensible. Codebase annotations should
> be objects implementing a well known interface encapsulating the way how code
> is downloaded.
> Prior to execution codebase annotations would be verified for trust.
> That way:
> 1. Clients are decoupled from the mechanism used to download service proxy
> code
> 2. No code is executed before verifying the codebase for trust.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
