You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@bval.apache.org by Matt Benson <gu...@gmail.com> on 2012/11/07 18:57:14 UTC
new privileged work branch
All:
Several of us had seemingly gone back and forth trying to decide the best
approach to privileged actions in the BVal codebase. The approaches we
tried were verbose, less-than-secure, or (my own) put additional
requirements on the end user. My work at
https://svn.apache.org/repos/asf/bval/branches/privileged2 uses
https://github.com/mbenson/privileged-method-weaver to attempt to resolve
all these issues. I have completely gotten rid of the SecureActions and
PrivilegedActions classes in favor of small private methods in the
consuming classes. These are annotated with a single, class-level-retained
@Privileged annotation, and a Maven plugin (also available as an Antlib)
post-processes the classfiles courtesy of xbean-finder and javassist. It'd
be great if some of you who run BVal in secured environments could give it
a spin.
Thanks,
Matt
Re: new privileged work branch
Posted by Mark Struberg <st...@yahoo.de>.
seems github doesnt want to talk with me today ;)
Anyway, from what I read this really sounds GREAT!
If I understood it correctly, then we just do
@Secured
{
dosomethingwhichmightrequiredoPrivileged();
}
without having to do all the tons of cruelfull code, right?
Will checkout your github project this afternoon!
From just thinking about the idea this really sounds something we should host at commons.
LieGrue,
strub
----- Original Message -----
> From: Matt Benson <gu...@gmail.com>
> To: dev@bval.apache.org
> Cc:
> Sent: Wednesday, November 7, 2012 6:57 PM
> Subject: new privileged work branch
>
> All:
> Several of us had seemingly gone back and forth trying to decide the best
> approach to privileged actions in the BVal codebase. The approaches we
> tried were verbose, less-than-secure, or (my own) put additional
> requirements on the end user. My work at
> https://svn.apache.org/repos/asf/bval/branches/privileged2 uses
> https://github.com/mbenson/privileged-method-weaver to attempt to resolve
> all these issues. I have completely gotten rid of the SecureActions and
> PrivilegedActions classes in favor of small private methods in the
> consuming classes. These are annotated with a single, class-level-retained
> @Privileged annotation, and a Maven plugin (also available as an Antlib)
> post-processes the classfiles courtesy of xbean-finder and javassist. It'd
> be great if some of you who run BVal in secured environments could give it
> a spin.
>
> Thanks,
> Matt
>