Duke,
> -----Original Message-----
> From: Duke Fong [mailto:[EMAIL PROTECTED]]
> Sent: 12 February 2002 21:25
...
> I saw your posting in the Turbine news group. Did you
> successfully plug a
> JAAS Subject/Principals into the current Turbine Framework in place of
> their Users? Please let me know. Thanks in advance.
The execise was more of a feasability study.
Eric Dobbs suggested the following:
> Sent: 12 February 2002 16:55
...
> grant
> codebase TURBINE_GROUP
> Principal TURBINE_ROLE {
> permission TURBINE_PERMISSION;
> }
This looks as though it contains all the semantics required for the current
Turbine authorisation model, but is it flexible enough for all future
applications? I'd take a bet that someone can come up with a scenario that
doesnt fit with this model.
I feel the key to providing such a flexible permissions model lies within
the Principal Interface, or at least a re-designed version.
JAAS has many excellent design concepts that would be silly to ignore. Using
these concepts and improving the Principal IF could result in a very
powerful, authorisation system. (like JAAS, but better) ;-)
Chris
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
