Thanks for the reply James. Your approach has 2 problems: 1. The most important one is : I want to avoid slide security checks for performance reasons and specially since I am already doing the authorization, I definitely want to avoid slide side overhead. 2. Even if I ignore performance, I still face a problem with the user info logging against every activity. In other words I lose the information about who uploaded the file/locked it/checked it in.
What about the namespace solution... is it possible to configure different security properties for a different namespace in the same App Server instance? Or could you suggest some other alternate whereby I could turn off security checks when accessed from a particular client? Regards, Ritu -----Original Message----- From: James Mason [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 24, 2004 10:28 PM To: Slide Users Mailing List Subject: Re: A question on security configuration Ritu, One option might be to have a user account with all access to every node in your store and always use that account when connecting with your application. -James Ritu Kedia wrote: > I am using Slide in 2 modes: > 1. From within my Application, in which case my application acts as the > entry point for a client. > 2. From a third party client, in which case Slide is the entry point for the > client. > > Slide is accessed from within my application using the Slide WebDAV client > lib. Whereas it is accessed from the third party client via WebDAV (e.g. > WebFolders in MS). > In both these cases, the authentication is done using JAAS. And > authorization depends on the mode of access. When accessed from within my > application, the authorization will be done by my application but when > accessed directly from a 3rd party client, the authorization should be done > by Slide's security support. In other words, my requirement is to turn off > Slide's security in one mode and turn it on in the other mode. Both modes > would be active simultaneously. Could someone please provide me any > hints/help with designing a solution for the above requirement? > > One thought is to have 2 different namespaces, one for each of the above > mode. Both these namespaces would access the same store but would have > different security configurations. Is this achievable? I think this depends > on whether slide.properties is applicable per namespace or per domain. If > anyone has implemented such a solution, then please do let me know. > > > Regards, > Ritu > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
