Re: sandbox resources from Alexandre Rafalovitch on 1997-01-09 (www-jigsaw@w3.org from January to February 1997)

From: Alexandre Rafalovitch <alex@access.com.au>
Date: Fri, 10 Jan 1997 09:29:41 +1000
To: www-jigsaw@www10.w3.org
Message-Id: <v03010d00aefb2c438d10@[203.18.229.116]>
At 3:16 AM +1000 10/1/97, S. Alexander Jacobson wrote:
>In Jigsaw, all resources are executed by Client threads.  It strikes me as
>difficult without substantial changes in jigsaw architecture to
>preallocate threadgroups for client threads which correspond to the
>various permissions profiles that one might be maintaining.
>
>A lookup facility that enabled a SecurityManager to check which client
>thread was using which resource at any given moment could then return
>permissions for the particular resource.  Is such a lookup facility
>available?  How would I use it?
>

What about this method. Instead of using Standard thread object, Jigsaw
would use w3c.jigsaw.http.ClientThread. This ClientThread would have an
extra field and a package protected getters/setters which would be used to
tag the resource to be run in that thread. When resource to be called is
identified, some code in w.j.h package would call setter on the thread and
set the proper value. SecurityManager would also be in that package and it
would have access to getter method. Alternatively, those methods (or getter
only) can be public but they would call securityManager to check if it can
be called. We would have to avoid System.setSecurityManager for the nested
levels though. :-{

This way, we can tag each thread individually and only security manager
would have access to that data.

If that is not clear, I could provide a diagram or something, but the basic
idea is there.


Also, about SecurityManagers, could we implement nested security managers
with Jigsaw Security Manager being in control and the other
SecurityManagers could be pluged in using Strategy Design Pattern. This
way, we could actually implement multi-ring controls... Eg.
JigsawSecurityManager will make sure that servlets can only write to some
particular directory , but nested security manager, can actually limit them
to writing only some particular types of the files.


>> No, I will keep implementing Jigsaw extensions as resources, but will
>> benefit from other people writing servlets, that's the idea. I will
>> certainly not drop resources in favor of servlets.
>
>Out of curiosity, do you have some documentation that compares jigsaw to
>servlets so that I can better defend our decision to use it.
>
>-Alex-

I really think, it is hard to compare Jigsaw to Jeeves. Jigsaw provides
_much_ more functionality than Jeeves ever will. (Jeeves does not even have
302 NOT_MODIFIED implemented yet....). About power of servlets, they are
pretty primitive, most of the serious examples I saw them used for is to
create a separate thread that handles chat, special socket services, etc.
Also, it does not have access to many things in the server and mapping
system used by CGIs and servlets is getting noticeably old.

I believe in power and flexibility of Jigsaw!!!! (but then I am biased. :-} )

Regards,
       Alex.
Ps. I would really like to have some discussion on the ideas above. I think
they might be very useful, but can wrap my mind around them all by myself.

alex@access.com.au
Received on Thursday, 9 January 1997 17:29:36 UTC