- From: S. Alexander Jacobson <alex@virtual.office.com>
- Date: Thu, 9 Jan 1997 12:16:33 -0500 ()
- To: Anselm Baird-Smith <abaird@www10.w3.org>
- cc: www-jigsaw@www10.w3.org
On Thu, 9 Jan 1997, Anselm Baird_Smith wrote: > > I am probably going to need to implement something like this before > > february. Can you provide some guidelines about how you think the > > JigsawSecurityInterface should work so I can minimize conversion hassles > > when you get started. > > Defining that interface is the hard part of the job. I don't know yet > how it will be, but it will typically add a set of methods to the > SecurityManager (eg checkResourceStoreAccess, to check if the > downloaded resource can access a resource store, etc). But that is the difficulty. How do you identify the caller? Applets work by restricting permissions on certain threads. Servlets work by restricting permissions on certain threadgroups, a model I don't like because it requires a thread for each servlet installed on a server even though many wouldn't otherwise require a thread. In Jigsaw, all resources are executed by Client threads. It strikes me as difficult without substantial changes in jigsaw architecture to preallocate threadgroups for client threads which correspond to the various permissions profiles that one might be maintaining. A lookup facility that enabled a SecurityManager to check which client thread was using which resource at any given moment could then return permissions for the particular resource. Is such a lookup facility available? How would I use it? > No, I will keep implementing Jigsaw extensions as resources, but will > benefit from other people writing servlets, that's the idea. I will > certainly not drop resources in favor of servlets. Out of curiosity, do you have some documentation that compares jigsaw to servlets so that I can better defend our decision to use it. -Alex- _____________________________________________________________________________ S. Alexander Jacobson Interband Communications 1-212-799-2645 voice 1-212-799-1075 fax
Received on Thursday, 9 January 1997 12:22:16 UTC