How do you see this working in the embedded mode? Mark
Gianugo Rabellino wrote: > As you might have noticed, I commited some new code in scratchpad. It's > nothing special, and it's far from being finished, but I felt that it > was much better to put it in CVS so that interested parties might > discuss it and participate in the development. > > Just to make things clear, I'm strongly against working on this code (or > any other one) for the upcoming release. This might go in a 1.2 or > (better) act as a possible foundation for a new version. > > Now, a short description of what has been committed, so that you might > want to take a look at it. :-) First of all, I decided to try out the > JAAS way (I was already thinking about it, and Murray's hint was a good > help in that direction): I'm still not that sure that it's the perfect > solution for our needs, and I don't think that we might buy the whole > JAAS object model, but for basic needs it might be OK. > > The good news would be that, once in place, security would be pluggable > in a PAM way, so it will be possible to authenticate the Xindice access > against an NT domain or against a JDBC datasource. And the other way > around: since I scratched out also a JAAS LoginModule, once finished > other JAAS compliant applications might be able to authenticate their > users against the Xindice userbase. > > This is how I layered out my ideas and code: there is be in > SystemCollection a collection called SysUsers (it already exists but > it's unused) holding an XML document with the user data (very basic ATM: > just user, passwords and roles). This is actually an XMLSerializable > object, so it's possible to use it in a programmatic way: it might > become a singleton instance in Database.java, with an accessor method > (here there are some security issues: on top of the TODO list is > password encryption). This object will be used for managing the user > base (possibly extending the XMLTools?) and, most of all, by the > XindiceLoginModule that will be the default LoginModule in the JAAS > configuration. Database.getCollection(col, user, password) will > instantiate a JAAS LoginContext and serve the requested collection only > to authenticated users. > > This is of course only the first step, and there are already many > problems to solve here. At a very least I see: > > 1. a chicken and egg problem: we need to ensure that Xindice is able to > operate (internally) without authentication, or it won't be able to > retrieve and modify even the user data. > > 2. authorization. this is an hard issue: with this setup we only have > the benefit of restricting the full access, as a whole, to > unauthenticated users. But is all or nothing: when you are > authenticated, you can do everything. To move forward and have at least > a readonly mode, we have to seriously tweak the internals. I'm thinking > about a Proxy classe for the real Collection (ReadOnlyCollection): do > you think it makes sense? > > OK, thanks if you have read this far, please feel free to fire at will. > > As a final note, I hope that Vladimir will appreciate the TDD. :-) > > Ciao, > > -- > Gianugo -- Mark J Stang System Architect Cybershop Systems
begin:vcard n:Stang;Mark x-mozilla-html:TRUE adr:;;;;;; version:2.1 email;internet:[EMAIL PROTECTED] fn:Mark Stang end:vcard
