Triplesec
  1. Triplesec
  2. DIRTSEC-1

Start toward using java.security.Permission

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      Opening this issue for visibility of the work I'm proposing on the dev list for making triplesec useable as a JACC provider.

      1. DIRTSEC-1-2.patch
        260 kB
        David Jencks
      2. DIR-199.patch
        79 kB
        David Jencks
      3. StringPermission.java
        6 kB
        David Jencks

        Activity

        Hide
        David Jencks added a comment -

        Everything still relevant in this patch has been applied or redone in sandbox/triplesec-jacc2.

        Show
        David Jencks added a comment - Everything still relevant in this patch has been applied or redone in sandbox/triplesec-jacc2.
        Hide
        David Jencks added a comment -

        Attached patch INCLUDES all the changes in DIRTSEC-2-2.patch.

        Enclosed patch completes move from triplesec Permissions class to java.security.Permissions class. It also adds denials Permissions to Role. I added a couple of simple tests of the new behavior of denied permissions, but more would be good.

        Remaining steps for use as a jacc provider:

        • figure out how application name and policyContextId and security domain and Subject's Principal relate
        • figure out how to store other kinds of permissions in ldap
        Show
        David Jencks added a comment - Attached patch INCLUDES all the changes in DIRTSEC-2 -2.patch. Enclosed patch completes move from triplesec Permissions class to java.security.Permissions class. It also adds denials Permissions to Role. I added a couple of simple tests of the new behavior of denied permissions, but more would be good. Remaining steps for use as a jacc provider: figure out how application name and policyContextId and security domain and Subject's Principal relate figure out how to store other kinds of permissions in ldap
        Hide
        David Jencks added a comment -

        Supplying guardian-api/src/main/java/org/safehaus/triplesec/guardian/StringPermission.java as a separate file since svn bugs seem to prevent making a diff.

        Show
        David Jencks added a comment - Supplying guardian-api/src/main/java/org/safehaus/triplesec/guardian/StringPermission.java as a separate file since svn bugs seem to prevent making a diff.

          People

          • Assignee:
            Alex Karasulu
            Reporter:
            David Jencks
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development