[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

xmlBlaster security framework available


As earlier announced, a security framework is under developement. Now,
first results are available in a cvs branch called 'security_branch'. 

It contains:
 -- 3 new interfaces which must implemented in a 
    security plugin:
       - I_SecurityManager
       - I_SessionSecurityContext
       - I_SubjectSecurityContext 
    location: org.xmlBlaster.authenticate.
 -- a loader for security plugins: 
 -- the new methods init and disconnect which 
    replace login and logout (AuthServer)
 -- calls to check the rights, en-/decrypt 
    messages, sign/verify signatures ...
 -- a dummy plugin which is used as default. 
    It has the same behavior as a usual xmlBlaster 
    without security extensions.
 -- init and disconnect extensions in the CORBA 
    and RMI protocol handler
    (XML-RPC, etc. are untouched. Thus, they don't
    support init/disconnect up to now!)

An a2Blaster-plugin is also available, but not included, because it
presumes a2Blaster classes ...

Documentation (for administration and plugin developement), tests for
the test-suite, demos ... are in progress an will follow soon.

At this stage, I'm very interested in YOUR experiences regarding
This version *should* work without any changes, neither in sources nor
in the configuration. 
I rely on YOUR feedback, to put everything right and merge this with the
main branch as soon as possible!!!

Sure, I'm interested in opinions and further experiences, too. But I
think, it's better to ask for it when documentation etc. is available

I'm waiting for your reports ... :)

Best regards,
Wolfgang Kleinertz