[stellation-res] WVCM API Problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[stellation-res] WVCM API Problem

From: "Mark C. Chu-Carroll" <mcc@xxxxxxxxxxxxxx>
Date: Tue, 16 Sep 2003 14:14:45 -0400
Delivered-to: stellation-res@xxxxxxxxxxxxxxx
List-archive: <http://dev.eclipse.org/pipermail/stellation-res/>
List-help: <mailto:stellation-res-request@dev.eclipse.org?subject=help>
List-subscribe: <http://dev.eclipse.org/mailman/listinfo/stellation-res>, <mailto:stellation-res-request@dev.eclipse.org?subject=subscribe>
List-unsubscribe: <http://dev.eclipse.org/mailman/listinfo/stellation-res>, <mailto:stellation-res-request@dev.eclipse.org?subject=unsubscribe>

On Tuesday, September 16, 2003, at 08:03 AM, Jonathan Gossage wrote:
----- Original Message -----
From: "Jonathan Gossage" <jonathan@xxxxxxxxxxxxxx>
To: <stellation-res@xxxxxxxxxxxxxxx>
Sent: Tuesday, September 16, 2003 7:54 AM
Subject: [stellation-res] WVCM API Problem
I have been going through the WVCM API and have found a problem areathat
makes it unnecessarily difficult to use strong authentication. Since
JSR147
is in the public review period until Dec. 3, 2003, I believe weshouldsubmit a comment to that group. The generalization that is necessaryto
make
it easy to use strong authentication is trivial and I could prepare a
short
document for us to review if you would like.
I've got a more direct channel for suggesting changes to the standard.I'llbe talking to the WVCM spec author on thursday. (Geoff is a friend ofmine.)
What's the problem with strong authentication in WVCM? WVCM is designed
to sit over WebDAV, which allows the use of cryptographic challenge
authentication, which seems adequately strong. But I'm not a crypto
expert at all - and, I expect, neither is Geoff. So what's the issue?
 I forgot to mention that I am planning to write a document that will
recommend that we use JAAS as our authentication and authorization
framework. Given this our current authentication and authorizationsupportcan be simply encapsulated in a JAAS wrapper. This approach willallow us
and others to easily provide strong authentication for Stellation.
Gaah. I bought a book on JAAS about a year ago, and concluded it
was a horrible, overcomplicated, incredibly painful API, and that itlooked
like a nightmare to administrate a system that used it.

What kind of benefit are we going to see by replacing the current
auth/auth system in Stellation with JAAS?  (It's going to have to be
a pretty big one to convince me!)

	-Mark


Mark Craig Chu-Carroll,  IBM T.J. Watson Research Center
*** The Stellation project: Advanced SCM Research
***      http://stellation.eclipse.org
*** Work: mcc@xxxxxxxxxxxxxx/Home: markcc@xxxxxxx



Mark Craig Chu-Carroll,  IBM T.J. Watson Research Center
*** The Stellation project: Advanced SCM Research
***      http://stellation.eclipse.org
*** Work: mcc@xxxxxxxxxxxxxx/Home: markcc@xxxxxxx

Follow-Ups:
- RE: [stellation-res] WVCM API Problem
  - From: Jonathan Gossage

Prev by Date: Re: [stellation-res] WVCM API Problem
Next by Date: RE: [stellation-res] WVCM API Problem
Previous by thread: Re: [stellation-res] WVCM API Problem
Next by thread: RE: [stellation-res] WVCM API Problem
Index(es):
- Date
- Thread

Breadcrumbs