- From: Anselm Baird_Smith <abaird@www43.inria.fr>
- Date: Thu, 9 Jan 1997 09:29:29 +0100 (MET)
- To: "S. Alexander Jacobson" <alex@virtual.office.com>
- Cc: www-jigsaw@www10.w3.org
S. Alexander Jacobson writes: > I have multiple users shareing the same webserver. > > I would like to allow users to "put" resources on a server and have those > resource run in some type of resticted "sandbox" using the security > manager. > > The difficulty is that an application can only have one security manager. > I don't want to conflict with other resources that have their own security > model. > > Are you planning on defining some security manager spec or defining some > sandbox model for resources? Indeed ! As next release of Jigsaw supports remote loading of servlets, this will defintely be needed. I have been complaining about SecurityManager conflicts in various forums, with no lack. If nothing is done at the java level to solve the problem (I think JECF API comes with somthing along those lines, didn't had time to check), then I will probably do: a) A JigsawSecurityInterface b) A JigsawSecurityImplementation object c) Provide a default security manager that implements the std part and delegate Jigsaw calls to the impl object Then, if I want to include Aglets within Jigsaw (with their own securiy manaager), I would probably extend the Aglet security manager (making it implement JigsawSecurityInterface), and have it delegate these methods to same impl as above. Anselm. BTW: I am still unsure as to wether I will have time to do this before feb. release, if not, I'll make sure to provide at least a very rough impl of the current Java security manager
Received on Thursday, 9 January 1997 03:29:29 UTC