You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Surya V Duggirala (JIRA)" <ji...@apache.org> on 2007/04/16 06:51:15 UTC
[jira] Created: (GERONIMO-3101) Role Based J2EE security model for
DayTrader Benchmark
Role Based J2EE security model for DayTrader Benchmark
------------------------------------------------------
Key: GERONIMO-3101
URL: https://issues.apache.org/jira/browse/GERONIMO-3101
Project: Geronimo
Issue Type: New Feature
Security Level: public (Regular issues)
Reporter: Surya V Duggirala
To characterize and assess the performance of Security runtime for J2EE role based security and Java 2 Security, we need a secured version of DayTrader. This can be useful for Web Authenticatin and Authorization and EJB Authentication and Authorization etc.,
Currently I am working on assessing the security performance using DayTrader and wondering whether anyone has done similar studies with DayTrader.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
Re: [jira] Created: (GERONIMO-3101) Role Based J2EE security model
for DayTrader Benchmark
Posted by suryadu <su...@us.ibm.com>.
Chris,
There are two ways we can implement security to DayTrader. Either
programmatic security which needs changes to DayTrader code and the other
way is Declarative security where security is defined through changes to DD
files. The
model that I am using currently is the later. The Security will be engaged
only when the Global security is enabled from the application server. Till
that time, there won't be any changes that a developer can see while running
the benchmark application. My initial tests also did not show any kind of
performance impact between the secured and non-secured prototype versions.
Surya
Christopher Blythe wrote:
>
> Surya... I really like the idea of adding security to DayTrader to assess
> the performance impact of J2EE and Java 2 security. What changes would be
> necessary to add this in? Would it involve changes to the code in any way,
> or would it simply involve changes to properties and/or DD files? Also,
> how
> easy would it be to switch in between the secured and un-secured versions?
>
> As a side note, I think this JIRA should be opened against DAYTRADER, not
> GERONIMO.
>
> Chris
>
> On 4/16/07, Surya V Duggirala (JIRA) <ji...@apache.org> wrote:
>>
>> Role Based J2EE security model for DayTrader Benchmark
>> ------------------------------------------------------
>>
>> Key: GERONIMO-3101
>> URL: https://issues.apache.org/jira/browse/GERONIMO-3101
>> Project: Geronimo
>> Issue Type: New Feature
>> Security Level: public (Regular issues)
>> Reporter: Surya V Duggirala
>>
>>
>> To characterize and assess the performance of Security runtime for J2EE
>> role based security and Java 2 Security, we need a secured version of
>> DayTrader. This can be useful for Web Authenticatin and Authorization and
>> EJB Authentication and Authorization etc.,
>>
>> Currently I am working on assessing the security performance using
>> DayTrader and wondering whether anyone has done similar studies with
>> DayTrader.
>>
>> --
>> This message is automatically generated by JIRA.
>> -
>> You can reply to this email to add a comment to the issue online.
>>
>>
>
>
> --
> "I say never be complete, I say stop being perfect, I say let... lets
> evolve, let the chips fall where they may." - Tyler Durden
>
>
--
View this message in context: http://www.nabble.com/-jira--Created%3A-%28GERONIMO-3101%29-Role-Based-J2EE-security-model-for-DayTrader-Benchmark-tf3582320s134.html#a10022663
Sent from the Apache Geronimo - Dev mailing list archive at Nabble.com.
Re: [jira] Created: (GERONIMO-3101) Role Based J2EE security model for DayTrader Benchmark
Posted by Christopher Blythe <cj...@gmail.com>.
Surya... I really like the idea of adding security to DayTrader to assess
the performance impact of J2EE and Java 2 security. What changes would be
necessary to add this in? Would it involve changes to the code in any way,
or would it simply involve changes to properties and/or DD files? Also, how
easy would it be to switch in between the secured and un-secured versions?
As a side note, I think this JIRA should be opened against DAYTRADER, not
GERONIMO.
Chris
On 4/16/07, Surya V Duggirala (JIRA) <ji...@apache.org> wrote:
>
> Role Based J2EE security model for DayTrader Benchmark
> ------------------------------------------------------
>
> Key: GERONIMO-3101
> URL: https://issues.apache.org/jira/browse/GERONIMO-3101
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public (Regular issues)
> Reporter: Surya V Duggirala
>
>
> To characterize and assess the performance of Security runtime for J2EE
> role based security and Java 2 Security, we need a secured version of
> DayTrader. This can be useful for Web Authenticatin and Authorization and
> EJB Authentication and Authorization etc.,
>
> Currently I am working on assessing the security performance using
> DayTrader and wondering whether anyone has done similar studies with
> DayTrader.
>
> --
> This message is automatically generated by JIRA.
> -
> You can reply to this email to add a comment to the issue online.
>
>
--
"I say never be complete, I say stop being perfect, I say let... lets
evolve, let the chips fall where they may." - Tyler Durden
Re: [jira] Commented: (GERONIMO-3101) Role Based J2EE security
model for DayTrader Benchmark
Posted by suryadu <su...@us.ibm.com>.
This will be simple. Security will be defined through DD files where the
logical roles will defined along with Servlet security constraints and EJB
method permissions etc.,. During the application deployment time, the
logical roles can be mapped to the real LDAP users/groups if some one wants
to use security. If not, the mapping can be ignored. To engage the security,
specific application server security needs to be configured like what LDAP
server to be used etc.,
Surya
JIRA jira@apache.org wrote:
>
>
> [
> https://issues.apache.org/jira/browse/GERONIMO-3101?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12489171
> ]
>
> Matt Hogstrom commented on GERONIMO-3101:
> -----------------------------------------
>
> This would be excellent. What are the touch points for manipulating the
> configuration? I expect its a server startup issue as well as application
> configuration ?
>
>> Role Based J2EE security model for DayTrader Benchmark
>> ------------------------------------------------------
>>
>> Key: GERONIMO-3101
>> URL: https://issues.apache.org/jira/browse/GERONIMO-3101
>> Project: Geronimo
>> Issue Type: New Feature
>> Security Level: public(Regular issues)
>> Reporter: Surya V Duggirala
>>
>> To characterize and assess the performance of Security runtime for J2EE
>> role based security and Java 2 Security, we need a secured version of
>> DayTrader. This can be useful for Web Authenticatin and Authorization and
>> EJB Authentication and Authorization etc.,
>> Currently I am working on assessing the security performance using
>> DayTrader and wondering whether anyone has done similar studies with
>> DayTrader.
>
> --
> This message is automatically generated by JIRA.
> -
> You can reply to this email to add a comment to the issue online.
>
>
>
--
View this message in context: http://www.nabble.com/-jira--Created%3A-%28GERONIMO-3101%29-Role-Based-J2EE-security-model-for-DayTrader-Benchmark-tf3582320s134.html#a10022666
Sent from the Apache Geronimo - Dev mailing list archive at Nabble.com.
[jira] Commented: (GERONIMO-3101) Role Based J2EE security model
for DayTrader Benchmark
Posted by "Matt Hogstrom (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-3101?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12489171 ]
Matt Hogstrom commented on GERONIMO-3101:
-----------------------------------------
This would be excellent. What are the touch points for manipulating the configuration? I expect its a server startup issue as well as application configuration ?
> Role Based J2EE security model for DayTrader Benchmark
> ------------------------------------------------------
>
> Key: GERONIMO-3101
> URL: https://issues.apache.org/jira/browse/GERONIMO-3101
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Reporter: Surya V Duggirala
>
> To characterize and assess the performance of Security runtime for J2EE role based security and Java 2 Security, we need a secured version of DayTrader. This can be useful for Web Authenticatin and Authorization and EJB Authentication and Authorization etc.,
> Currently I am working on assessing the security performance using DayTrader and wondering whether anyone has done similar studies with DayTrader.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.