> Ok I see. I will start with some simple read and write security impl.
> I think that comes "permission on method and class" relativ near, or?
> For that I will create an own sub-package
..simplestore.persistence.security. Ok?
> This will be the place for java.security.acl implementations. I will start
> implementing this and then we will see how this object stuff fits in.
>
> Maybe PersistenProxy gets an second constructor, or something else to
handle
> this securtiy things or not.
>
> What do you think?
1.Yes permission on method or class is the same for implementation.
2.implementation for java.security.acl.* is good idea
3. Permission on object is optional, because it is impossible to implement
for all
situations, but user must have possibility to plug his implementation
specific security.
invoke( ... method ...){
checkCallerIsMappedToSomeRole( caller, method );
usedDefinedInvoke(caller, object, method , params );
// it can be used for security, but used can decide to invoke any action,
like validation or
// assert :
// "assert( param[0] != null ) "
..................................................................
}
>
> ~Gerhard
>
> --------------------------------------------
> Give me ambiguity or give me something else.
> --------------------------------------------
>
> --
> To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
