You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@river.apache.org by Peter Firmstone <ji...@zeus.net.au> on 2010/06/27 12:25:41 UTC
RevokeableDynamicPolicy
Just did some serious refactoring, made significant changes to
RevokeablePolicy, now called RevokeableDynamicPolicy.
I know that it's a little out of character, Java 2 doesn't support
Policy denial, only grants. I created denials predominately for
Certificate based grants, so that trusted developers, can be identified
by their Certificates, while vulnerable CodeSource's and codebase URL's
can be denied permissions, even if signed with trusted Certificate[] chains.
Now we need a URL format that contains version and Maven archiving
provisioning information.
Note that while it is passing all tests, it is still experimental and
more tests will need to be added.
Cheers,
Peter.