Hi!
Using thread local variable was my team's first concept. But personally I
think that using thread local variable doesn't help to keep a design clear.
I many past situations it was cause of hard to fix errors.
I'm not familiar with merlin implementation.I just have started digging into
container sources and I saw security topic in Merlin roadmap.
Did you have any thoughts how would you do this if you had time and
resources? :))
I think my last concept with SecureServiceManager was a one big mistake
because it would force developers to call lookup() on default service
manager and secure service manager if service requires authorization or not.
Jarosław
----- Original Message -----
From: "Stephen McConnell" <[EMAIL PROTECTED]>
To: "Avalon framework users" <[EMAIL PROTECTED]>
Sent: Saturday, February 07, 2004 12:09 AM
Subject: Re: Session handling in Merlin container
Jarosław
Merlin does not provide support for principal based access control (at
this time). What you could do is to associate a principal identity as a
thread local variable and grab this inside you service implementation.
The implementation would typically so a priv validation as part of the
service method implementation. This eliminates the necessity to pass a
specific argument to a service manager.
Howe that helps.
Stephen.
Jarosław Pałka wrote:
> Hi!
>
> I'm trying to solve common problem in my application which works under
> Merlin container. I need to check user rights to call lookup() on
> ServiceManager for particular component.First thing that came to my mind
is
> to use decorated version of ServiceManager with small modification in its
> interface.
>
> public interface SecureServiceManager{
>
> boolean hasService(String key, Session session) throws
> SecurityException;
>
> Object lookup(String key) throws ServiceException,SecurityException;
>
> void release(Object object);
>
> }
>
> Is it possible ,using for example lifecycle extension, implement it this
way
> or maybe you use another approach to this problem?
>
> Jaroslaw Palka
> Software Architect
> MRT System
> Wodna 2b
> Krakow
> Poland
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
--
|------------------------------------------------|
| Magic by Merlin |
| Production by Avalon |
| |
| http://avalon.apache.org/merlin |
| http://dpml.net/merlin/distributions/latest |
|------------------------------------------------|
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
----------------------------------------------------------------------
Dobry poczatek Internetu... >>> http://link.interia.pl/f17b8
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
