Leif Mortenson wrote:
<snip type="good background info"/>
>
> Getting things working turned out to be as simple as modifying the
> org.apache.avalon.fortress.impl.factory.BCELWrapperGenerator class to
> get the
> ProtectionDomain of the class being wrapped and using it when creating
> the new
> wrapper class.
>
> This has the benefit of making it look like the BCEL generated wrapper class
> came from the same jar as the component being wrapped, so its existence can
> be completely transparent to the author of a policy file.
>
> I couldn't think of any way that this could open up any security holes,
> but it
> might me a good idea if someone with more SecurityManager experience
> to do a quick code review. The final changes were quite simple.
Leif, excellent work as always. As of right now, the proxies are doing
little more than proxying. That's a good thing. I have a feeling that
the Java Dynamic Proxy interface does something similar to what you are
proposing. I think that is a good approach, which we can revisit if we
ever need to again.
BTW, what resources did you use to dig up on the Java security model?
It would be beneficial if we had some links.
--
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the Universe trying to
produce bigger and better idiots. So far, the Universe is winning."
- Rich Cook
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Apache Excalibur Project -- URL: http://excalibur.apache.org/
