Re: security

Thu, 20 Jul 2006 07:08:20 -0700 

Jasne takhle nejak sem si to predstavoval, diky.
Kdekdo tady propaguje to acegi, mohli byste mi ukazat jak by to zhruba vypadalo v acegi? 
At vim pro co se mam rozhodnout :)
----- Original Message ----- From: "Martin Krajci" <[EMAIL PROTECTED]> 
To: "Java" <[email protected]>
Sent: Thursday, July 20, 2006 3:21 PM
Subject: Re: security



Dobry den,
Skusil som to nacrtnut ako by to mohlo byt riesene cez reflection API, ale pripominam ze trebalo by tam viacej veci podotahovat, hlavne teda krajsie vytvaranie instancii (Foo) a implementovat isUserInRole, ale princip je tam zachyteny.
Osobne by som sa priklonil za to Acegi ako sme to tu uz viac krat spominali. 

<code>
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;

public class MethodInvoker
{
  public static void main(String[] argv) {
     MethodInvoker mi = new MethodInvoker();
    mi.test();
 }

 public void test()
 {
InvocationHandler handler = new FacadeInvocationHandler(new Foo()); IFoo f = (IFoo) Proxy.newProxyInstance(Foo.class.getClassLoader(), new Class[] { IFoo.class }, handler); 
  f.call();
 }

 /**
  * Very simple facade which delegates all calls to a target object.
  */
 private static class FacadeInvocationHandler implements InvocationHandler
 {
   Object facaded;

   public FacadeInvocationHandler(Object facaded)
   {
     this.facaded = facaded;
   }
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable 
   {   if(isUserInRole()) {
         return method.invoke(facaded, args);         } else {
         return null;
     }
   }
 }

 private static boolean isUserInRole() {
     return true;
 }

 interface IFoo {
     public void call();
 }

 class Foo implements IFoo
 {
   public void call() {
       System.out.print("Called");
   }   }
} </code>

Martin Krajci

Kamzik-II wrote:

Mohl byste uvest nejaky priklad?
Tohle reseni by mozna bylo ono, ale
nedovedu si predstavit realizaci, jak by to zhruba fungovalo?

----- Original Message -----
From: "Martin Krajci" <[EMAIL PROTECTED]>
To: "Java" <[email protected]>
Sent: Thursday, July 20, 2006 1:19 PM
Subject: Re: security



Dobry den,

Nie som si isty ci JEE alebo JSE nieco maju, ale vsak si to mozete sam
naprogramovat pomocou java reflection API.

Martin Krajci

Kamzik-II wrote:

Takze bez nejakeho frameworku treti strany to nejde?


----- Original Message -----
From: "Martin Krajci" <[EMAIL PROTECTED]>
To: "Java" <[email protected]>
Sent: Thursday, July 20, 2006 10:43 AM
Subject: Re: security



Dobry den,
Pozrite si http://www.acegisecurity.org/ a konkretne 'method invocation 
security'. Acegi sa da pouzit aj bez Springu aby ste toho nemali na
zaciatok moc.

Martin Krajci

Kamzik-II wrote:

Zdravicko lidi,
Potreboval byh poradit :)
Rekneme, ze mam tridu "Xyz", která
obsahuje mimo jiné i metodu "necoUdelej".
Treba takhle:
 public class Xyz
{
 public void necoUdelej ()
{
 System.out.println ( "Hotovo" );
 }
 }
 A potreboval bych nejak zajistit, aby se ta metoda provedla
jenom pokud je pouzita v aplikaci, ktera je spustena, s nejakymi
pravy, jinak aby vyhodila SecurityException...



______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________




______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________



______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________




______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ 


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email ______________________________________________________________________

Odpovedet emailem