You are viewing a plain text version of this content. The canonical link for it is here.
Posted to slide-dev@jakarta.apache.org by "Hermann, Eckehard" <Ec...@softwareag.com> on 2002/03/01 13:37:34 UTC
RE: cvs commit: jakarta-slide/src/share/org/apache/slide/store Ab
stractStore.java
Hi Remy,
that's exactly what we try to do. We try to marriage the webdav
authorisation with the authorisation of a database (as far as it is
possible). The reason is, we would like to allow that the last decision if a
specific user get rights on data stored in the database should be by the
database administrator and not by the webdav adminitrator (if the two roles
are played by different persons). I think this should not be the normal way
to restrict the user rights, but it should be possible for the database
administrator to remove the rights of one specific user without closing the
whole account of the webdav server. Additional to this we are doing the
authentication against this database as well. So just users knowen by the
database are authenticated.
regards Eckehard
-----Original Message-----
From: Remy Maucherat [mailto:remm@apache.org]
Sent: Thursday, February 28, 2002 6:20 PM
To: Slide Developers Mailing List
Subject: Re: cvs commit: jakarta-slide/src/share/org/apache/slide/store
AbstractStore.java
> juergen 02/02/28 01:46:17
>
> Modified: src/share/org/apache/slide/common AbstractServiceBase.java
> Namespace.java Service.java Uri.java
> src/share/org/apache/slide/store AbstractStore.java
> Log:
> Ekehard/Juergen: Added a new method (connect and connectIfNeeded) with
> the SlideToken as a parameter. For compatibility reasons the old methods
> are still available, and if the child store does not overwrite the new
> connect method, the old one is still called.
Is this really needed ? What's the reason for this change ?
I don't think the connection to a store should / can depend on the current
principal.
Remy
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: cvs commit: jakarta-slide/src/share/org/apache/slide/store AbstractStore.java
Posted by Remy Maucherat <re...@apache.org>.
> Hi Remy,
>
> that's exactly what we try to do. We try to marriage the webdav
> authorisation with the authorisation of a database (as far as it is
> possible). The reason is, we would like to allow that the last decision if
a
> specific user get rights on data stored in the database should be by the
> database administrator and not by the webdav adminitrator (if the two
roles
> are played by different persons). I think this should not be the normal
way
> to restrict the user rights, but it should be possible for the database
> administrator to remove the rights of one specific user without closing
the
> whole account of the webdav server. Additional to this we are doing the
> authentication against this database as well. So just users knowen by the
> database are authenticated.
I understand that in the real world admins would want to also set connection
passwords, but the original design was to handle DB auth about the same way
a connection pool does it. So I would specify the auth using static
parameters. Also, this feature is useless for many stores except the JDBC
store (for ex, in the J2EE store, the pool is initialized somewhere else, so
that authentication method can't be used consistently).
Remy
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>