You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@river.apache.org by "Michal Kleczek (JIRA)" <ji...@apache.org> on 2014/02/27 06:16:19 UTC

[jira] [Updated] (RIVER-436) Codebase annotations should be objects implementing a known interface instead of Strings

     [ https://issues.apache.org/jira/browse/RIVER-436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Michal Kleczek updated RIVER-436:
---------------------------------

    Priority: Blocker  (was: Major)
     Summary: Codebase annotations should be objects implementing a known interface instead of Strings  (was: Codebase annotations should be objects implementing a known interface instead od Strings)

> Codebase annotations should be objects implementing a known interface instead of Strings
> ----------------------------------------------------------------------------------------
>
>                 Key: RIVER-436
>                 URL: https://issues.apache.org/jira/browse/RIVER-436
>             Project: River
>          Issue Type: Bug
>          Components: net_jini_core, net_jini_io, net_jini_security
>            Reporter: Michal Kleczek
>            Priority: Blocker
>
> Right now codebase annotations are Strings containing a space separated list of URLs . This has several drawbacks:
> 1. Code downloading is not dynamically extensible. All the parties in the network have to apriori agree on a set of URL handlers. Introduction of a new provisioning mechanism - for example based on Maven - requires at least reconfiguration of all participants
> 2. There is no way of verifying downloaded code before it is actually executed. Right now a TrustVerifier is obtained and used only after a service proxy was deserialized which enables untrusted code to execute during deserialization (see also RIVER-362).
> The idea is to make code downloading extensible. Codebase annotations should be objects implementing a well known interface encapsulating the way how code is downloaded.
> Prior to execution codebase annotations would be verified for trust.
> That way:
> 1. Clients are decoupled from the mechanism used to download service proxy code
> 2. No code is executed before verifying the codebase for trust.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)