I too am looking down this path. I have only briefly looked at somehow integrating the current Turbine security model into AXIS as my web app uses both turbine and AXIS.
Stephen... > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Tuesday, 10 June 2003 10:24 PM > To: [EMAIL PROTECTED] > Subject: AXIS and RBAC > > > > Dear AXIS List, > > I'm working on developing an RBAC (Role Based Access Control) > system to > protect our Asset Management resources. Currently, I have a > PermissionsHandler which sets the permissions necessary to > perform a given > operation. This information is then set in the MessageContext and is > referenced by the AuthorizationHandler. > > Now it occurs to me that it would be alot more flexible (not > to mention > writing less code on my end) to specify this permission in an > XML file, > which could then be referenced by a generic > PermissionsHandler instead of > having a seperate PermissionsHandler for each service. > > Before I head down this road, I thought I would check to see > if this was > something that had been tackled already. I didn't see > anything in either > the WSDD schema or the WSDL specification, but it's possible > I could have > missed something. > > > Thanx, > Ian > > Ian D. Stewart > Open Systems Engineer II > Enterprise Midrange - Bank One Infrastructure & Operations > [EMAIL PROTECTED] > (614) 213-6100 > > > > This transmission may contain information that is privileged, > confidential and/or exempt from disclosure under applicable > law. If you are not the intended recipient, you are hereby > notified that any disclosure, copying, distribution, or use > of the information contained herein (including any reliance > thereon) is STRICTLY PROHIBITED. If you received this > transmission in error, please immediately contact the sender > and destroy the material in its entirety, whether in > electronic or hard copy format. Thank you. > >
