I think this would be a good way to go, and easy since this is already supported internally - just not specifiable. I've now modified my Xalan to pass my own SecurityManager and everything looks to be working the way I need. I'll post this suggestion on the issue tracker. Thanks for the help!
bimargulies wrote: > > Xalan could play in the general Java Security Manager framework and > allow you to bound the set of extension functions, if only by allowing > you to specify the classloader. > > On Mon, Mar 2, 2009 at 12:57 PM, Johan Zxcer <nab...@zurahn.com> wrote: >> Back to practical reality though, it sounds like there is no such API >> mechanism built in to Xalan. However looking at the >> extension/ObjectFactory >> class, I may be able to accomplish what I need by temporarily changing >> the >> current SecurityManager in place to set the limits I need, and Xalan will >> respect that. Not exactly thread safe, I'll post how it works out >> though.. >> >> >> bimargulies wrote: >>> >>> From: Benson Margulies <bimargul...@gmail.com> >>> Date: Sun, Mar 1, 2009 at 8:46 PM >>> Subject: Re: Usage model - no source XML, just api calls >>> To: Dave Brosius <dbros...@mebigfatguy.com> >>> >>> >>> This whole story doesn't make sense entirely from a security >>> standpoint. Let's see if I've got this straight: >>> >>> people you don't trust to look at the data are allows to write and >>> render stylesheets. The JVM is connected to a database full of data >>> they aren't allowed to see in detail, only in summary. You are >>> concerned that they will go fishing for functions that would allow >>> them to grab what they cannot see. >>> >>> From a security standpoint, I'd say that you need some more >>> architecture here. Like, put the sensitive data behind a web service, >>> require authentication, and have the web service API be just the >>> allowed aggregating functions. Then turn them loose on Xalan/xslt, >>> secure in the knowledge that all they can do by being cute is shoot >>> themselves in the feet. >>> >>> > Yeah, this is in essence what I'm doing, but within the context of a larger app I needed a way to restrict what classes were available as extensions, to avoid the obvious security hole! Dennis van der Laan wrote: > > Hi, > > We built a (web) content management system using Xalan XSLT for > transforming XML-documents into one HTML file... > -- View this message in context: http://www.nabble.com/Usage-model---no-source-XML%2C-just-api-calls-tp22264025p22311143.html Sent from the Xalan - J - Users mailing list archive at Nabble.com.
