Hi,

I apologize if this is not the correct forum for this e-mail - I have just joined.

What is the plan for the security manager?
I was hoping that Authentication, Authorization and user management would be separate services that would be independent of each other. I should be able to replace the authentication module if I need to - for example I may need to authenticate on username, password and some other token, say the IP address. I may need to replace the user management by a component such as the OMG Party management Spec.

In my mind parties are identified by a single ID. A party may have zero or more identities and each identity would have a set of capabilities (ACLs) associated with them.

Thanks - viraf

--- Jason van Zyl <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I'm not sure what's going on with the security code in the
> rundata_security_changes branch but I think we're veering off a bit:
>
> 1. The security model should be completely self contained, so that the new
>    model that you (eric and gonzo) should be completely isolated in the
>    o.a.t.security.turbine package. There shouldn't be any interfaces in
>    the o.a.t.security package except for the SecurityManager.
>
> 2. We agreed that SecurityManager is going to be the controlling unit for
>    security. A SecurityManager may use several SecurityModels in
>    an application. I am -1 on the use of Policy as a replacement for
>    SecurityManager: I don't want to use JAAS nomenclature at the top
>    level and I would like to follow the patterns used in Stratum and
>    Fulcrum where we have Xmanager. I don't think policy accurately
>    describes what something like a security manager would do.
>
> I am about to get the fulcrum security stuff working so I would like to push
> all currently proposed security code into o.a.t.security.turbine so it's
> self contained and make a new o.a.t.security.fulcrum package where I will
> bundle all the classes that are bound to fulcrum.
>
> The other I had for gonzo and eric is: can't you primarily use what's in
> fulcrum as a basis and fix what was a problem? I haven't started looking in
> depth at the proposed code I'm just asking. I know the current security code
> is problematic but I'd say it's 80% there interface wise.
>
> --
>
> jvz.
>
> Jason van Zyl
>
> http://tambora.zenplex.org
> http://jakarta.apache.org/turbine
> http://jakarta.apache.org/velocity
> http://jakarta.apache.org/alexandria
> http://jakarta.apache.org/commons
>
> --
> To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>