[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openjms-developer
Subject:    RE: [openjms-developer] RE: Admin API and GUI
From:       "Tim Anderson" <tma () netspace ! net ! au>
Date:       2003-08-01 10:26:59
[Download RAW message or body]

Create an AdminConnectionMgr class to handle AdminConnection
instances. This should use AuthenticationMgr to authenticate
connection attempts, and assign a unique identifier to
authenticated connections.

When AdminConnection methods are invoked, they should submit
the identifier so it can be verified against the list of active
admin connections maintained by the AdminConnectionMgr.

ACL support can be added later, post 0.7.6.

Regards,

Tim

> -----Original Message-----
> From: openjms-developer-admin@lists.sourceforge.net
> [mailto:openjms-developer-admin@lists.sourceforge.net]On Behalf Of Knut
> at work
> Sent: Friday, 1 August 2003 9:59 PM
> To: openjms-developer@lists.sourceforge.net
> Subject: Re: [openjms-developer] RE: Admin API and GUI
>
>
> see inline
>
> ----- Original Message -----
> From: Tim Anderson
> To: openjms-developer
> Sent: Tuesday, July 29, 2003 3:58 PM
> Subject: [openjms-developer] RE: Admin API and GUI
>
>
> I've committed the changes as is, but I would like to see
> modifications as described previously.
>
> One thing to note is that with the current implementation,
> it is still possible to invoke admin API methods with
> an unauthenticated connection, simply by not invoking
> connect().
> [K]
> Thats correct, I didnt impl. this since I didnt know how you
> wanted it done.
>
> This needs to be changed so that the admin connection
> identifier is submitted with each admin request -
> [K]
> Do you want to use the ClientId, ConnectionId (returned form the server on
> connect()) or both?
> As I see it the ClientId alone is not unique enough since it is
> possible to
> generate duplicates.
>
> the server can verify this against the list of authenticated
> admin connections before performing any operation.
> [K]
> This is as I see it a part of the authorization and should be
> treated in the
> Acl.
> We could of course make a quick solution for now by just check the id for
> every operation.
>
> Do you want to have a AuthorizationMgr to handle this or do you
> want to have
> a common Mgr e.g. SecurityMgr to handle both Authentication and
> Authorization??
>
>
> Regards,
>
> Tim
>
>
>
> -------------------------------------------------------
> This SF.Net email sponsored by: Free pre-built ASP.NET sites including
> Data Reports, E-commerce, Portals, and Forums are available now.
> Download today and enter to win an XBOX or Visual Studio .NET.
> http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072
> 303_01/01
> _______________________________________________
> openjms-developer mailing list
> openjms-developer@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openjms-developer
>




-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
openjms-developer mailing list
openjms-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openjms-developer
[prev in list] [next in list] [prev in thread] [next in thread]