This is a design question for my GSOC 2011 project, enhancing geoserver security.
I have to main interfaces, GeoserverUserGroupService and GeoserverGrantedAuthorityService for managing user/groups and role assignments. I developed some implementations (in memory, xml and jdbc) which will be shipped with geoserver. Additionally, I want to offer the possibility to develop custom implementations and a mechanism to plug them in. My idea is similar to the java protocol handlers as described here http://download.oracle.com/javase/1.4.2/docs/api/java/net/URL.html using a system property called java.protocol.handler.pkgs. Description of this concept adapted to geoserver security: 1) Introduce a system property named org.geoserver.security.pkgs 2) The value of the property is a list of package names delimited by "|" 3) The last component of the package name is the name for the customized implementation. Example: -Dorg.geoserver.security.pkgs=org.mycompany.security.test1 | org.mycompany.security.test2 At runtime, I will look into these two packages for classes named GeoserverUserGroupServiceImpl or GeoserverGrantedAuthorityServiceImpl. If the classes are there (or at least one of them), I will check if the classes implement the interfaces mentioned above. On success, the runtime registers the new implementations (singletons) using test1 and test2 as names. Opinions, better ideas ? Cheers Christian ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. ------------------------------------------------------------------------------ Got Input? Slashdot Needs You. Take our quick survey online. Come on, we don't ask for help often. Plus, you'll get a chance to win $100 to spend on ThinkGeek. http://p.sf.net/sfu/slashdot-survey _______________________________________________ Geoserver-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-devel
