On Apr 19, 2006, at 10:40 AM, Bruce Snyder wrote:
On 4/18/06, Hossam Karim <[EMAIL PROTECTED]> wrote:
Just thinking:
- Security is a service
- A component installed inside SM can support a SM specific security
contract, in which a security provider implementing this contract
can be
bound to one or more installed components. This provider can provide
authentication, digital signature verification, XML encryption and
decryption, integration with LDAP, etc.
- A component that has a security provider installed should
delegate all
security operations to its provider.
- A component that has a security provider should provide additional
management operations through JMX to secure its lifecycle management.
Actually I agree with Hossam here. I've always considered that
security would be delegated to other components, not built into the
core of each component. This will allow a wider variation of security
models to be addressed and will also allow custom security components
to be created to address custom security models on a per enterprise
basis.
When coding Geronimo, I have found that as soon as I say, "no one
will ever do X" someone shows me a service doing just that, so my
question is, how will ServiceMix handle components that have security
"built into the core"?
-dain
