On Monday 05 January 2004 19:36, Niclas Hedhman wrote:
> Also, I would like to have the @permission-requirement as close to the code
> as possible, method level, and that the "meta generator" can aggregate it.
This aggregation is for ALL classes in the implementation. There would also
need to be
Fist of all, thanks for the useful feedback
On Monday 05 January 2004 17:32, Stephen McConnell wrote:
> Niclas Hedhman wrote:
> I like the approach although think we need to separate the declaration
> of permission requirement from the granting of permissions. >
>
>demo
>
Niclas Hedhman wrote:
Gang,
Since deployment went fairly well, I now want to look into codebase level
Security (scheduled for 3.4).
NOTE!!! Please don't confuse this with Subject level Security and JAAS
leveraging. That is the next step. This must be sorted out first.
I have in mind that for
Niclas,
> -Original Message-
> From: Niclas Hedhman [mailto:[EMAIL PROTECTED]
> Sent: Sunday, January 04, 2004 12:06 PM
> To: Avalon Developers List
> Subject: Re: Codebase level security
>
> On Sunday 04 January 2004 23:59, Alex Karasulu wrote:
> > Take a look
On Sunday 04 January 2004 23:59, Alex Karasulu wrote:
> Take a look at how the XACML folks are trying to represent
> access controls. It might be worth basing the XML on XACML
> or a subset of it.
AFAICT from the "Introduction to XACML" it is Subject Level security. (see my
NOTE).
What I am "on
Niclas,
Take a look at how the XACML folks are trying to represent
access controls. It might be worth basing the XML on XACML
or a subset of it.
I'm not very familiar yet (will be looking into it soon) but
I think there might be something there. If XACML becomes the
de facto standard for repres
