On Tuesday, February 12, 2002, at 10:25 AM, Chris Holman wrote:
> [Eric Dobbs Wrote]
>> grant
>> codebase TURBINE_GROUP
>> Principal TURBINE_ROLE {
>> permission TURBINE_PERMISSION;
>> }
>
> Seems a little convoluted and inflexible ... maybe thats just me?
> I was hoping that the Principal IF would be more adaptable!
I agree. My main point was to map the concepts of
JAAS codebase and Turbine 2 TURBINE_GROUP
> The idea of a Principal Interface is quite nice though. It allows
> the policy to be relitively simple. It just doesnt seem to
> provide the sophistication required by the Turbine style
> permissions model.
I haven't given this very much thought, but there
might be an instructive example in O'Reilly's
_Java_Security_. Starting on p. 372 there is a
description of a custom implementation of JAAS
Policy class to enable user specific file
permissions. That might provide a better option
than my codebase->TURBINE_GROUP mapping.
-Eric
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
