[jira] Closed: (JS2-114) Provide a More Modular Security Implementation

Sat, 02 Oct 2004 16:17:40 -0700 

Message:

   The following issue has been closed.

   Resolver: David Le Strat
       Date: Sat, 2 Oct 2004 4:19 PM

Will open another issue for multiple security handlers support.
---------------------------------------------------------------------
View the issue:
  http://issues.apache.org/jira/browse/JS2-114

Here is an overview of the issue:
---------------------------------------------------------------------
        Key: JS2-114
    Summary: Provide a More Modular Security Implementation
       Type: Improvement

     Status: Closed
   Priority: Major
 Resolution: FIXED

    Project: Jetspeed 2
 Components: 
             Security
   Fix Fors:
             2.0-dev/cvs
   Versions:
             2.0-dev/cvs

   Assignee: David Le Strat
   Reporter: David Le Strat

    Created: Sat, 4 Sep 2004 3:12 PM
    Updated: Sat, 2 Oct 2004 4:19 PM

Description:
The current security implementation makes it difficult to swap the default 
implementation for another implementation.  Based on the security requirements, J2 
users may want to:

- Persist users in various datastore.  This affect user security as well as user 
attributes.
- Persist role and group in various datastore.
- Map to multiple credentials.
- Change the default security mapping implementation.

Proposal:

- Provide a more modular security approach based on handlers for principals and 
credentials.  The new security SPI model will introduce and AuthenticationProvider and 
a SecurityProvider.  The AuthenticationProvider is essentially a utility/bridge class 
for the LoginModule.  The SecurityProvider provides access through an SPI model to a 
UserSecurityHandler, CredentialHandler, RoleHandler, GroupHandler, and 
SecurityMappingHandler.  The SecurityProvider is used by the aggregate services 
(UserManager, RoleManager and GroupManager) and therefore allow substitution of the 
backing store at the aggregate level.  The default implementation will essentially 
provide the current implementation behavior but will facilitate the introduction of 
new backing stores.

- The second step of this rework will address user attribute and provide the support 
for multiple backing stores as well.  This will essentially require the ability to use 
a specific Prefs implementation backing store.


---------------------------------------------------------------------
JIRA INFORMATION:
This message is automatically generated by JIRA.

If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa

If you want more information on JIRA, or have a bug to report see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to