Posted to user@geronimo.apache.org by Diego L Espiñeira <es...@yahoo.com.ar> on 2006/12/02 19:39:51 UTC

Custom EJB Security

Hi!
I'm in the process of migrating to Geronimo an application originally
built for JBoss.
This application uses custom EJB security through implementing the
org.jboss.security.SecurityProxy interface. How could this be done with
Geronimo? The reasons I've approached this issue that way and not the
facade bean using isUserInRole are the tight integration with the
application server architecture and that this way I can write neat
and more maintainable code.

PS: sorry, my English sucks.

Thanks in advance.


Re: Custom EJB Security

Posted by Diego L Espiñeira <es...@yahoo.com.ar>.
Do I have to put it in JIRA?



On Mon, 2006-12-04 at 14:14 -0800, David Jencks wrote:
> We should move this to the dev list :-)
> 
> Sorry for the delay, I wrote up some info on JACC at
> http://cwiki.apache.org/confluence/display/GMOxDEV/JACC+Guide
> 
> I'll try to work on it some more and see if I can figure out how to  
> link it from the dev wiki page.
> 
> I don't know of much other info about JACC except the spec which is  
> IMO a bit confusing about who does what.
> 
> 
> 
> On Dec 2, 2006, at 9:40 PM, Diego L Espiñeira wrote:
> 
> > I guess I have to implement/extend the following interfaces/classes
> > - org.apache.geronimo.j2ee.deployment.SecurityBuilder
> > - javax.security.jacc.PolicyConfiguration
> > - javax.security.jacc.PolicyConfigurationFactory
> > - java.security.Principal
> >
> > Is that right? Just what you did with all that TripleSec stuff, right?
> > Well, now I need to know how these classes are supposed to fit together.
> > I need any explanation i.e. "class A calls B when C happens", etc.
> 
> I think you might want to try extending the geronimo default  
> provider, I think you will have less to do.
> >
> > When does the authorization info get updated?
> > How do I make the "SecurityProxy" read additional configuration such as
> > where to get the permissions and roles from (DBMS, XML, webservice,
> > etc.)?
> 
> After thinking about this for just a few minutes, I think I'd go  
> about this like so:
> 
> 1. use java 5 :-)
> 
> 2. Modify PolicyConfigurationGeneric to include a map <Class,  
> PermissionsHandler>, and if the regular check passes, continue by  
> looking for a handler for the class of the permission, and asking the  
> handler as well.  So we'd have something like
> 
> interface PermissionsHandler {
>   boolean  implies(Permission permission, Principal[] principals);
> }
> 
> The permissionsHandler can look for the ejb object, method args, etc  
> from PolicyContext itself.  (PermissionsHandler is probably a really  
> bad name)
> 
> 3. Write a GBean to configure and install a PermissionsHandler into a  
> PolicyConfigurationGeneric for a  specific policyContextID.  This  
> GBean can configure the PermissionsHandler any way it wants.
> 
> 4. Modify the GeronimoSecurityBuilderImpl to install instances of  
> your gbeans based on xml in a modified geronimo-security-1.2.xsd
> 
> I think my proposed PermissionsHandler can do anything the jboss  
> SecurityProxy can do, although it is going to use the  
> EJBMethodPermission.getActions() string to index which method is  
> involved rather than the Method object itself.
> 
> I might have left out a lot of essential functionality, so this might  
> not actually work :-).  It might be a starting point though.
> 
> Please keep in touch with your progress, and keep asking questions!
> 
> thanks
> david jencks

Re: Custom EJB Security

Posted by David Jencks <da...@yahoo.com>.
We should move this to the dev list :-)

Sorry for the delay, I wrote up some info on JACC at
http://cwiki.apache.org/confluence/display/GMOxDEV/JACC+Guide

I'll try to work on it some more and see if I can figure out how to  
link it from the dev wiki page.

I don't know of much other info about JACC except the spec which is  
IMO a bit confusing about who does what.



On Dec 2, 2006, at 9:40 PM, Diego L Espiñeira wrote:

> I guess I have to implement/extend the following interfaces/classes
> - org.apache.geronimo.j2ee.deployment.SecurityBuilder
> - javax.security.jacc.PolicyConfiguration
> - javax.security.jacc.PolicyConfigurationFactory
> - java.security.Principal
>
> Is that right? Just what you did with all that TripleSec stuff, right?
> Well, now I need to know how these classes are supposed to fit together.
> I need any explanation i.e. "class A calls B when C happens", etc.

I think you might want to try extending the geronimo default  
provider, I think you will have less to do.
>
> When does the authorization info get updated?
> How do I make the "SecurityProxy" read additional configuration such as
> where to get the permissions and roles from (DBMS, XML, webservice,
> etc.)?

After thinking about this for just a few minutes, I think I'd go  
about this like so:

1. use java 5 :-)

2. Modify PolicyConfigurationGeneric to include a map <Class,  
PermissionsHandler>, and if the regular check passes, continue by  
looking for a handler for the class of the permission, and asking the  
handler as well.  So we'd have something like

interface PermissionsHandler {
  boolean  implies(Permission permission, Principal[] principals);
}

The permissionsHandler can look for the ejb object, method args, etc  
from PolicyContext itself.  (PermissionsHandler is probably a really  
bad name)

3. Write a GBean to configure and install a PermissionsHandler into a  
PolicyConfigurationGeneric for a  specific policyContextID.  This  
GBean can configure the PermissionsHandler any way it wants.

4. Modify the GeronimoSecurityBuilderImpl to install instances of  
your gbeans based on xml in a modified geronimo-security-1.2.xsd

I think my proposed PermissionsHandler can do anything the jboss  
SecurityProxy can do, although it is going to use the  
EJBMethodPermission.getActions() string to index which method is  
involved rather than the Method object itself.

I might have left out a lot of essential functionality, so this might  
not actually work :-).  It might be a starting point though.

Please keep in touch with your progress, and keep asking questions!

thanks
david jencks
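
Step 2 of the outline above, worked through as an added example; it is not part of the original message and is not Geronimo code. PolicyConfig and MethodPermission are hypothetical stand-ins for PolicyConfigurationGeneric and EJBMethodPermission so that the sketch runs with only the JDK, and the grants and caller rules are constructed sample data.

```java
import java.security.Permission;
import java.security.Principal;
import java.util.*;

public class HandlerPolicyDemo {
    /** Interface as sketched in the message. */
    interface PermissionsHandler {
        boolean implies(Permission permission, Principal[] principals);
    }

    /** Stand-in for EJBMethodPermission (assumption: keeps the demo free of Java EE jars). */
    static final class MethodPermission extends Permission {
        private final String actions;                       // here: just the method name
        MethodPermission(String ejbName, String actions) { super(ejbName); this.actions = actions; }
        @Override public String getActions() { return actions; }
        @Override public boolean implies(Permission p) { return equals(p); }
        @Override public boolean equals(Object o) {
            return o instanceof MethodPermission
                && getName().equals(((MethodPermission) o).getName())
                && actions.equals(((MethodPermission) o).actions);
        }
        @Override public int hashCode() { return Objects.hash(getName(), actions); }
    }

    /** Hypothetical reduction of a policy configuration to the part step 2 changes. */
    static final class PolicyConfig {
        private final Map<String, Set<Permission>> granted = new HashMap<>(); // principal -> grants
        private final Map<Class<? extends Permission>, PermissionsHandler> handlers = new HashMap<>();

        void grant(String principalName, Permission p) {
            granted.computeIfAbsent(principalName, k -> new HashSet<>()).add(p);
        }

        void installHandler(Class<? extends Permission> type, PermissionsHandler handler) {
            handlers.put(type, handler);
        }

        boolean implies(Permission requested, Principal[] principals) {
            boolean regular = false;                        // the regular, grant-based check
            for (Principal caller : principals) {
                for (Permission g : granted.getOrDefault(caller.getName(), Collections.emptySet())) {
                    regular |= g.implies(requested);
                }
            }
            if (!regular) {
                return false;                               // a handler can only narrow access
            }
            PermissionsHandler handler = handlers.get(requested.getClass());
            return handler == null || handler.implies(requested, principals);
        }
    }

    public static void main(String[] args) {
        PolicyConfig policy = new PolicyConfig();
        policy.grant("alice", new MethodPermission("AccountBean", "transfer"));
        policy.grant("bob", new MethodPermission("AccountBean", "transfer"));
        policy.grant("bob", new MethodPermission("AccountBean", "getBalance"));

        // Constructed rule data, indexed by the getActions() string as the message suggests.
        Map<String, Set<String>> allowedCallers =
            Collections.singletonMap("transfer", Collections.singleton("alice"));
        policy.installHandler(MethodPermission.class, (perm, callers) -> {
            Set<String> allowed = allowedCallers.get(perm.getActions());
            return allowed == null                          // no extra rule for this method
                || Arrays.stream(callers).anyMatch(c -> allowed.contains(c.getName()));
        });

        Principal alice = () -> "alice";
        Principal bob = () -> "bob";
        Object[][] cases = {
            {alice, "transfer"}, {bob, "transfer"}, {bob, "getBalance"}, {alice, "getBalance"}};
        for (Object[] c : cases) {
            Principal who = (Principal) c[0];
            Permission p = new MethodPermission("AccountBean", (String) c[1]);
            System.out.println(who.getName() + " " + c[1] + " -> "
                + policy.implies(p, new Principal[] {who}));
        }
    }
}
```

Because the handler is consulted only after the grant-based check has passed, a misconfigured or missing handler cannot widen access beyond what the deployment descriptor already grants.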


Re: Custom EJB Security

Posted by Diego L Espiñeira <es...@yahoo.com.ar>.
I guess I have to implement/extend the following interfaces/classes
- org.apache.geronimo.j2ee.deployment.SecurityBuilder
- javax.security.jacc.PolicyConfiguration
- javax.security.jacc.PolicyConfigurationFactory
- java.security.Principal

Is that right? Just what you did with all that TripleSec stuff, right?
Well, now I need to know how these classes are supposed to fit together.
I need any explanation i.e. "class A calls B when C happens", etc.

When does the authorization info get updated?
How do I make the "SecurityProxy" read additional configuration such as
where to get the permissions and roles from (DBMS, XML, webservice,
etc.)?


On Sun, 2006-12-03 at 00:32 -0300, Diego L Espiñeira wrote:
> Hi
> It would be such an honor to participate.
> The case is I don't have much information about the JACC API and
> specification, nor about how this is implemented in Geronimo.
> I just need that information to get the job done.
> 
> 
> Thanks for your reply

Re: Custom EJB Security

Posted by Diego L Espiñeira <es...@yahoo.com.ar>.
Hi
It would be such an honor to participate.
The case is I don't have much information about the JACC API and
specification, nor about how this is implemented in Geronimo.
I just need that information to get the job done.


Thanks for your reply

On Sat, 2006-12-02 at 17:08 -0800, David Jencks wrote:
> The SecurityProxy is a JBoss proprietary feature that Geronimo  
> doesn't support.  At the moment we don't have anything directly  
> comparable implemented.
> 
> Starting with j2ee 1.4 the "official" way to implement security  
> dependent on the ejb method calls is to do it in a JACC provider.  In  
> a JACC provider you can use the ejb method call in the determination  
> of whether to grant an ejb permission to a caller.  I suspect we  
> could write a JACC provider that delegated to something like the  
> JBoss SecurityProxy.  When considering this before I was thinking  
> more in terms of a rule engine, but certainly just writing code is  
> simpler :-)
> 
> Would you be interested in working on an implementation of this?  I'm  
> interested but currently short of time, but I'd be happy to discuss  
> how to do it with you.
> 
> thanks
> david jencks

Re: Custom EJB Security

Posted by David Jencks <da...@yahoo.com>.
The SecurityProxy is a JBoss proprietary feature that Geronimo  
doesn't support.  At the moment we don't have anything directly  
comparable implemented.

Starting with j2ee 1.4 the "official" way to implement security  
dependent on the ejb method calls is to do it in a JACC provider.  In  
a JACC provider you can use the ejb method call in the determination  
of whether to grant an ejb permission to a caller.  I suspect we  
could write a JACC provider that delegated to something like the  
JBoss SecurityProxy.  When considering this before I was thinking  
more in terms of a rule engine, but certainly just writing code is  
simpler :-)

Would you be interested in working on an implementation of this?  I'm  
interested but currently short of time, but I'd be happy to discuss  
how to do it with you.

thanks
david jencks

On Dec 2, 2006, at 10:39 AM, Diego L Espiñeira wrote:

> Hi!
> I'm in the process of migrating to Geronimo an application originally
> built for JBoss.
> This application uses custom EJB security through implementing the
> org.jboss.security.SecurityProxy interface. How could this be done with
> Geronimo? The reasons I've approached this issue that way and not the
> facade bean using isUserInRole are the tight integration with the
> application server architecture and that this way I can write neat
> and more maintainable code.
>
> PS: sorry, my English sucks.
>
> Thanks in advance.