Hello, Manoj I am searching a framework which changes the bytecode directly, without modifying source code. As you knew, this is bytecode engineering or enhancement. Based on this idea, I thought JSecurity modified bytecode in order to support a security functionality relieving a programmer from the burden of having to implement important security concerns by hand.
So, is the method of supporting the security functionality a type of API at JSecurity (or Apache Ki)? Myoungkyu Manoj Khangaonkar wrote: > > Hi Myoungkyu, > > Just curious, what kind of security policies are you interested in ? > Can you give an example. > > Authorization policies ( role based or other ) that shiro supports > does not necessarily require any byte code manipulation. > > thanks > > Manoj > > On 6/28/09, mksong <[email protected]> wrote: >> >> Thanks for your reply. >> >> For example, Hibernate does not perform any bytecode >> manipulation on its own, but it uses a proxying library that >> creates proxies at the bytecode level. >> >> If you do not manipulate bytecode, >> how do you enforce security policies then? >> >> Regards, >> Myoungkyu >> >> >> >> Les Hazlewood-2 wrote: >>> >>> Hiya, >>> >>> The project (now named Shiro) does not perform bytecode manipulation of >>> any >>> sort. >>> >>> Regards, >>> >>> Les >>> >>> On Sat, Jun 27, 2009 at 11:26 PM, mksong <[email protected]> wrote: >>> >>>> >>>> Hello, All >>>> >>>> I am carring out an experiment on JSecurity's bytecode engineering. >>>> >>>> I tested JSecurity to see if the framework would generate any >>>> >>>> bytecode related to security or add anything to the existing ones. >>>> >>>> With the attached log file, I am not sure if JSecurity does bytecode >>>> engineering or not. >>>> (Here are the log file at loading time and the slide file explaing what >>>> I >>>> did: >>>> http://people.cs.vt.edu/~mksong/jsecurity/<http://people.cs.vt.edu/%7Emksong/jsecurity/> >>>> http://people.cs.vt.edu/~mksong/jsecurity/<http://people.cs.vt.edu/%7Emksong/jsecurity/>) >>>> >>>> Is it true? >>>> >>>> -- >>>> View this message in context: >>>> http://n2.nabble.com/About-JSecurity%27s-bytecode-engineering-tp3168851p3168851.html >>>> Sent from the Shiro User mailing list archive at Nabble.com. >>>> >>>> >>> >>> >> >> -- >> View this message in context: >> http://n2.nabble.com/About-JSecurity%27s-bytecode-engineering-tp3168851p3170891.html >> Sent from the Shiro User mailing list archive at Nabble.com. >> >> > > -- View this message in context: http://n2.nabble.com/About-JSecurity%27s-bytecode-engineering-tp3168851p3171906.html Sent from the Shiro User mailing list archive at Nabble.com.
