You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@river.apache.org by "Michal Kleczek (JIRA)" <ji...@apache.org> on 2014/02/27 06:12:31 UTC

[jira] [Created] (RIVER-436) Codebase annotations should be objects implementing a known interface instead od Strings

Michal Kleczek created RIVER-436:
------------------------------------

             Summary: Codebase annotations should be objects implementing a known interface instead od Strings
                 Key: RIVER-436
                 URL: https://issues.apache.org/jira/browse/RIVER-436
             Project: River
          Issue Type: Bug
          Components: net_jini_core, net_jini_io, net_jini_security
            Reporter: Michal Kleczek


Right now codebase annotations are Strings containing a space separated list of URLs . This has several drawbacks:
1. Code downloading is not dynamically extensible. All the parties in the network have to apriori agree on a set of URL handlers. Introduction of a new provisioning mechanism - for example based on Maven - requires at least reconfiguration of all participants
2. There is no way of verifying downloaded code before it is actually executed. Right now a TrustVerifier is obtained and used only after a service proxy was deserialized which enables untrusted code to execute during deserialization (see also RIVER-362).

The idea is to make code downloading extensible. Codebase annotations should be objects implementing a well known interface encapsulating the way how code is downloaded.
Prior to execution codebase annotations would be verified for trust.
That way:
1. Clients are decoupled from the mechanism used to download service proxy code
2. No code is executed before verifying the codebase for trust.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)