I am looking for a design where depending on the callerID and the method being called and the parameters, to allow or deny the call to the method.
Obviously, I am looking for something generic.
I am only looking for a solution for primitive types.
I would like to describe different possibilities I have been thinking of:
1) Programmatic check for each method.
Problem you write security code with your business code.
100 methods => 100 checks written by you.
2) Reflection on the server side.
I wrote a stateless session bean with 2 methods:
public Ojbect invoke(String jndiName, String methodName,
Object args) and
public Object invoke(Object remote, String methodName, Object args)
All my EJB calls go through this bean.
Need to add client credentials for each code, because only the app server can do security context propagation (unless you add it and check for it programmatically)
Need for a generic framework for (EJB, Method, CallerID, Arguments) to allow/deny access to the method.
Can be too complex.
3) Dynamic Proxy (JDK 1.3) on the client side.
I am afraid that 1) is the only solution.
Otherwise you bypass the container for security and I think
it is not (?) worth it.
I am really looking for an EJ QL like language on primitive
types per callerID.
Or, the spec should add the Interceptor concepts (like in www.jboss.org) so that we can plug a thir-party tool to check this security (authentication as well as authorisation).
I am really looking forward to your thoughts.
-- Thierry Janaudy