Over the last few days I have committed a bunch of updates to the repository, activation, and composition package that enable the following:
* Declaration in a kernel configuration of a bunch of permissions granted by a system to a runtime. The permissions assigned by the kernel are accessible though the SystemContext (available to all model implementations). E.g.
SystemContext system = context.getSystemContext();
SecurityModel security = system.getSecurityModel();
Permission[] permissions = security.getPermissions();* the ability to declare requested permissions on a component using an @avalon.security.permission tag. These permission are exposed on a component Type instance. For example:
Type type = componentModel.getType();
SecurityDescriptor security = type.getSecurity();
PermissionDescriptor[] permissions =
security.getPermissions();The next item on the agenda is to establish a deployment failure when the available permissions do not encompass the permissions requested by a component.
Following this we will need to introduce the ability to declare overriding security profiles via a local system configuration (override targets). This is partly in place but still needs a little more work to integrate the solution into the class loader model creation methods. Also I'm interested in getting in place permission profiles (suggested by Niclas) so that we can more easily manage different security scenarios.
Cheers, Stephen.
--
|------------------------------------------------| | Magic by Merlin | | Production by Avalon | | | | http://avalon.apache.org/merlin | | http://dpml.net/merlin/distributions/latest | |------------------------------------------------|
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
