portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ingo schuster <ingo.apa...@web.de>
Subject Re: Jetspeed security
Date Fri, 04 May 2001 15:55:16 GMT
Hi Santiago,

I was _really_ surprised to read that the accesscontrol design it is an IBM 
todo. Oneshould never go on holidays...
Nevertheless, I finally found the guy who wanted to do this: I received a 
JavaDoc for an interface from him - however it shouldn't be called javaDOC 
as it misses any explanation. He did quit some thinking, but there are no 
comments yet :-((. The reason why I still checked it in is that in case 
you're start coding, at least you might get an idea of what he was thinking of.

The basic point (and that's where it is different from the turbine 
permissions approach) is that a access rule consists of _three_ parts: a 
SUBJECT that wants to execute an ACTION on a OBJECT. If I undersand it 
right, a turbine permission is the combination of both, an action and an 
object. The advantage of splitting this in two parameters is that it allows 
to define a very small set of generic actions that don't have to be 
extended, when a new type of object is introduced.

So again apologies for this check-in, it is embarrassing; I just hadn't the 
time to look after it. Saw it myself first time only one hour ago. I 
promise to come back with something useful.

ingo.


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


Mime
View raw message