The SecurityProxy is a JBoss proprietary feature that Geronimo
doesn't support. At the moment we don't have anything directly
comparable implemented.
Starting with j2ee 1.4 the "official" way to implement security
dependent on the ejb method calls is to do it in a JACC provider. In
a JACC provider you can use the ejb method call in the determination
of whether to grant an ejb permission to a caller. I suspect we
could write a JACC provider that delegated to something like the
JBoss SecurityProxy. When considering this before I was thinking
more in terms of a rule engine, but certainly just writing code is
simpler :-)
Would you be interested in working on an implementation of this? I'm
interested but currently short of time, but I'd be happy to discuss
how to do it with you.
thanks
david jencks
On Dec 2, 2006, at 10:39 AM, Diego L Espiñeira wrote:
Hi!
I'm in the process to migrate to Geronimo an application originally
build for JBoss.
This application uses custom EJB security through implementing the
org.jboss.security.SecurityProxy interface. How could this be done
with
Geronimo. The reasons I've approached this issue that way and not the
facade bean using isUserInRole are the tight integration with the
application server architecture and that of this way I can write neat
and more maintainable code.
PD: sorry, my English sucks.
Thanks in advance.
__________________________________________________
Correo Yahoo!
Espacio para todos tus mensajes, antivirus y antispam ¡gratis!
¡Abrí tu cuenta ya! - http://correo.yahoo.com.ar
