RE: Last posting
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thankyou for making our decision for us. Orion will not be our choice of J2EE platform, as our evaluation has shown that its users are rude and obnoxious. We have decided that it would not be in our best interest to be associated with people of this nature. Whilst everyone is flustering over rather pointless postings (as is my observation over the last couple of days), real potential Orion customers are being turned away by its self obsessed (and somewhat childish) user group. I asked a question, and was ignored. It was quite obvious from my question that I am under a fair amount of pressure, and I had (wrongly) presumed that a commercial application server would have a reasonably professional following. Let me also point out that it was not arrogance, it was a cry for help. I currently close to redundancy, I have a wife who is 6 months pregnant, and I have a 2 year old daughter. Forgive me for appearing a little stressed as I try to feed and clothe them, but it was not something I had wished to share. But I guess you wouldnt care, seeing as you're a typical newsgroup/mailing list troll - we've seen you before, in various forms, under various names. Always the one to jump on the weak whenever the opportunity arises. And you have the cheek to call me arrogant? You're forgotten about already. . o O ( Wonders where the 'human' element dissapeared to in all of this - bring back the old Internet ) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Mike Cannon-Brookes Sent: 15 February 2001 01:27 To: Orion-Interest Subject: RE: Last posting This is one of the most arrogant postings I've ever seen on a public user mailing list. rant Cliff, might I profer my humblest apologies for not acknowledging your post, I'll make sure next time to send you an email saying that I got it. Right. In addition, I agree that not answering YOUR query calls into question the professionalism of everyone on this list. You are not mistaken at all. You are a fool. /rant -mike -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Cliff Rowley Sent: Thursday, February 15, 2001 10:58 AM To: Orion-Interest Subject: Last posting -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Pardon me if I sound a little rude, but since not a single person has even acknowledged my last post, do I assume that (a) noone cares or (b) noone knows? I am very keen to get started, and very keen to evaluate the various avenues open to us, and I had expected a commercial application to have a reasonably professional following. Perhaps I was mistaken and I should look elsewhere? Cliff Rowley -BEGIN PGP SIGNATURE- Version: PGPfreeware 7.0.3 for non-commercial use http://www.pgp.com iQA/AwUBOosbgApjs58+bOhlEQKwigCgnaxMsVQAHoiFpkfbNk48fqTDWXsAoMNy HxbYNGGXjPNB/neGWBPbq8yf =RK40 -END PGP SIGNATURE- -BEGIN PGP SIGNATURE- Version: PGPfreeware 7.0.3 for non-commercial use http://www.pgp.com iQA/AwUBOouwcgpjs58+bOhlEQIavgCaA0Q3ggIHpwV0U9fJA+ssaSSELDYAn13K evgGHQ0JvZUEHhUrKQHxiiRt =YQE8 -END PGP SIGNATURE-
RE: Last posting
Tim, thankyou for your mature and decent reply - it is very much appreciated. I must apologise for being rather obtrusive, I am almost ready to crack and 'let them take me away', and everyone seems to be taking a fair whack from it just recently. Some people react like bulldogs, and some people care to remember they are dealing with real people with real problems. Sorry if I caused you any displeasure. Cliff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tim Endres Sent: 15 February 2001 03:22 To: Orion-Interest Subject: Re: Last posting Cliff, I think your posting was sufficiently complex and general that it was unlikely to generate a reponse. Speaking for myself, but suspecting that it applies to other "professionals", I am very busy, and do not have the time to devote to such a response. Sorry. However, I believe you would be more likely to get a reply if you try asking specific questions. tim. -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Pardon me if I sound a little rude, but since not a single person has even acknowledged my last post, do I assume that (a) noone cares or (b) noone knows? I am very keen to get started, and very keen to evaluate the various avenues open to us, and I had expected a commercial application to have a reasonably professional following. Perhaps I was mistaken and I should look elsewhere? Cliff Rowley -BEGIN PGP SIGNATURE- Version: PGPfreeware 7.0.3 for non-commercial use http://www.pgp.com iQA/AwUBOosbgApjs58+bOhlEQKwigCgnaxMsVQAHoiFpkfbNk48fqTDWXsAoMNy HxbYNGGXjPNB/neGWBPbq8yf =RK40 -END PGP SIGNATURE-
RE: Security between applications?
Title: SV: Security between applications? No, your answer is perfect - my aim was to try to be able to specify which applications can access particular datasources. Now I know that it is not possible using the defined mechanisms, I can move on to find another solution. Thankyou *very* much for your help Magnus, it is very much appreciated. It's nice to know someone actually reads the posts :) Cliff -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Magnus RydinSent: 15 February 2001 07:22To: Orion-InterestSubject: SV: Security between applications? Im not sure I understand the question correctly. There is no way to define a datasource and say which apps should be able to access it. You can specify WHAT datasource a certain app should use though. Is this what you are after? WR -Ursprungligt meddelande- Från: Cliff Rowley [mailto:[EMAIL PROTECTED]] Skickat: den 13 februari 2001 11:09 Till: Orion-Interest Ämne: Security between applications? Greetings, We are currently evaluating the various J2EE solutions available for a venture that we hope to deliver to the world in a few months. Whilst reading the documentation for each, I dont appear to be able to configure Orion to suit the way the project will work. In order for our application to be of any use, we need to be able to implement a fair amount of security, since JSP pages may be at the mercy of people who are not us. Basically the application will provide a farm of hosts on which we will be offering certain services. Each application needs to have a data source that it, and only it has access to. The current problem as I see it is that if I define a connection in data-sources.xml, then every web application deployed on the server or cluster of servers has access to it. We need some way of securing that while still being able to use EJB in all its glory. We need to be able to offer the opportunity of creating and editing content without compromising the security of other applications on the system. Could anyone give us some tips and pointers on this? Thanks Cliff Rowley
RE: Security between applications?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Weblogic is next on the list, the only problem being that I am funding this entirely myself until we have a solid enough presentation to try for investment (and one of my own machines is looking more like a colo every day :\). We're not giving up hope yet! Currently I'm looking at a JBoss/Resin combination, as they both offer certain features I'm keen to employ. I run Resin on my development BSD box, and I am impressed with its simple yet powerful configuration, which enables me to easily auto-generate it, and JBoss has some very nifty hot deployment features and I believe I can secure it at EJB level as well as connection level using its JAAS support (http://www.jboss.org/newsite/documentation/HTML/ch08s32.html). - --- I'd like to apologise to anyone offended by my earlier postings, I was out of line - and I perhaps deserved the reception I received. I dont think I deserved being called a fool, however, since I am not. I defy anyone to say they've never done anything irrational under stress. I'd also like to thank those who saw through it and answered in a mature and professional manner, and I hope they forgive my outburst. - --- Cliff -Original Message- From: Konstantin Polyzois [mailto:[EMAIL PROTECTED]] Sent: 15 February 2001 16:04 To: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]' Subject: RE: Security between applications? Securing datasources is no match for Weblogic. I do not know how Orion handles this. /korre -Original Message- From: Cliff Rowley [mailto:[EMAIL PROTECTED]] Sent: den 13 februari 2001 20:09 To: Orion-Interest Subject: Security between applications? Greetings, We are currently evaluating the various J2EE solutions available for a venture that we hope to deliver to the world in a few months. Whilst reading the documentation for each, I dont appear to be able to configure Orion to suit the way the project will work. In order for our application to be of any use, we need to be able to implement a fair amount of security, since JSP pages may be at the mercy of people who are not us. Basically the application will provide a farm of hosts on which we will be offering certain services. Each application needs to have a data source that it, and only it has access to. The current problem as I see it is that if I define a connection in data-sources.xml, then every web application deployed on the server or cluster of servers has access to it. We need some way of securing that while still being able to use EJB in all its glory. We need to be able to offer the opportunity of creating and editing content without compromising the security of other applications on the system. Could anyone give us some tips and pointers on this? Thanks Cliff Rowley -BEGIN PGP SIGNATURE- Version: PGPfreeware 7.0.3 for non-commercial use http://www.pgp.com iQA/AwUBOowBNgpjs58+bOhlEQJiJQCgjNVh2G+Adqa2lDWOtOFxYht5WEoAoOgp kwYzWr78KQOvNMVnHiArp4bz =+nWQ -END PGP SIGNATURE-
Last posting
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Pardon me if I sound a little rude, but since not a single person has even acknowledged my last post, do I assume that (a) noone cares or (b) noone knows? I am very keen to get started, and very keen to evaluate the various avenues open to us, and I had expected a commercial application to have a reasonably professional following. Perhaps I was mistaken and I should look elsewhere? Cliff Rowley -BEGIN PGP SIGNATURE- Version: PGPfreeware 7.0.3 for non-commercial use http://www.pgp.com iQA/AwUBOosbgApjs58+bOhlEQKwigCgnaxMsVQAHoiFpkfbNk48fqTDWXsAoMNy HxbYNGGXjPNB/neGWBPbq8yf =RK40 -END PGP SIGNATURE-
Security between applications?
Greetings, We are currently evaluating the various J2EE solutions available for a venture that we hope to deliver to the world in a few months. Whilst reading the documentation for each, I dont appear to be able to configure Orion to suit the way the project will work. In order for our application to be of any use, we need to be able to implement a fair amount of security, since JSP pages may be at the mercy of people who are not us. Basically the application will provide a farm of hosts on which we will be offering certain services. Each application needs to have a data source that it, and only it has access to. The current problem as I see it is that if I define a connection in data-sources.xml, then every web application deployed on the server or cluster of servers has access to it. We need some way of securing that while still being able to use EJB in all its glory. We need to be able to offer the opportunity of creating and editing content without compromising the security of other applications on the system. Could anyone give us some tips and pointers on this? Thanks Cliff Rowley