on 12/6/2000 9:22 AM, "Tracy Adewunmi" <[EMAIL PROTECTED]> wrote:
> At any rate, I was expecting the security services provided by Turbine to
> also provide methods such as getPolicy/setPolicy, getRealm/setRealm, and
> also auditing functionality. I realize I neglected to include the later in
> my definition of what a policy server does but this is definitely
> functionality that should exist in a entity that enforces policy. How is
> security auditing handled within Turbine?
I would consider a "Realm" to be similar to the new "Group" functionality
that was recently added.
Could you please define what you consider "security auditing" to be? In
other words, what would you like to see this function play? Given that all
of the Roles, Permissions, Groups are stored in database tables, it is
pretty easy to see what permissions are in any given Role.
> One immediate question that came to my mind was if I wanted to use the
> static getPolicy() method provided by the java.security.Policy object, how
> would I go about doing this in Turbine if there is no inherit mechanism for
> setting policies? I suppose I was looking for Turbine to provide a "Policy"
> object. I'll spend more time with the AccessController/AccessControlList
> objects and maybe I'll find the answers to my questions there.
A java.security.Policy is simply a collection of Permissions.
In Turbine, the equivalent is called a "Role".
-jon
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
