EJB design: Authorisation at the argument level
- Posted by: Thierry Janaudy
- Posted on: August 21 2000 12:04 EDT
I am looking for a design that, depending on the callerID, the method being called and the parameters, allows or denies the call to the method.
Obviously, I am looking for something generic.
I am only looking for a solution for primitive types.
I would like to describe different possibilities I have been thinking of:
1) Programmatic check for each method.
Problem: you write security code with your business code.
100 methods => 100 checks written by you.
2) Reflection on the server side.
I wrote a stateless session bean with 2 methods:
public Object invoke(String jndiName, String methodName, Object args)
and
public Object invoke(Object remote, String methodName, Object args)
All my EJB calls go through this bean.
Need to add client credentials for each code, because only the app server can do security context propagation (unless you add it and check for it programmatically).
Need for a generic framework for (EJB, Method, CallerID, Arguments) to allow/deny access to the method.
Can be too complex.
3) Dynamic Proxy (JDK 1.3) on the client side.
I am afraid that 1) is the only solution.
Otherwise you bypass the container for security and I think
it is not (?) worth it.
I am really looking for an EJB QL-like language on primitive types per callerID.
Or, the spec should add the Interceptor concepts (like in www.jboss.org) so that we can plug in a third-party tool to check this security (authentication as well as authorisation).
I am really looking forward to your thoughts.
-- Thierry Janaudy
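An added example (not part of the original post, and not code from the poster or from JBoss) of the dynamic-proxy / interceptor idea in options 2 and 3: one deny-by-default handler evaluates a rule per (callerID, method) over the primitive arguments before the business method runs. The `Account` interface, the rule table and the caller ids are hypothetical; in a container the caller id would come from the propagated security context rather than a string parameter, and the guard has to run on the side the caller does not control.

```java
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Proxy;
import java.util.HashMap;
import java.util.Map;
import java.util.function.Predicate;

public class ArgumentAuthzDemo {
    // Hypothetical business interface with primitive/String arguments only.
    public interface Account { String withdraw(String accountId, int amount); }

    // Rules keyed by "callerId#methodName" (overloads share one rule here).
    // A missing rule means the call is denied.
    static final Map<String, Predicate<Object[]>> RULES = new HashMap<>();
    static {
        RULES.put("clerk#withdraw", a -> (Integer) a[1] > 0 && (Integer) a[1] <= 500);
        RULES.put("manager#withdraw", a -> (Integer) a[1] > 0);
    }

    // Wraps a target so every call is checked against (caller, method, arguments).
    @SuppressWarnings("unchecked")
    static <T> T guard(Class<T> iface, T target, String callerId) {
        InvocationHandler h = (proxy, method, args) -> {
            Object[] a = (args == null) ? new Object[0] : args;
            Predicate<Object[]> rule = RULES.get(callerId + "#" + method.getName());
            if (rule == null || !rule.test(a)) {
                throw new SecurityException(callerId + " denied: " + method.getName());
            }
            try {
                return method.invoke(target, args);
            } catch (InvocationTargetException e) {
                throw e.getCause(); // rethrow the business exception unchanged
            }
        };
        return (T) Proxy.newProxyInstance(iface.getClassLoader(), new Class<?>[] {iface}, h);
    }

    public static void main(String[] args) {
        Account real = (id, amount) -> "withdrew " + amount + " from " + id;
        Account clerk = guard(Account.class, real, "clerk"); // constructed sample caller
        System.out.println(clerk.withdraw("ACC-1", 200));    // within the clerk limit
        try {
            clerk.withdraw("ACC-1", 5000);                   // exceeds the clerk limit
        } catch (SecurityException e) {
            System.out.println(e.getMessage());
        }
    }
}
```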
I am writing this just to share my views. Probably I am not giving the solution you are expecting.
From your problem, what I have understood is that the functionalities of the client must be restricted based on the roles they possess. That means a certain client can access only certain functions (method calls) based on the role they possess. For example, a data entry operator can only enter data, whereas a Vice President can generate an MIS report.
My Solution to the problem goes like this.
Why I can restrict this function call from the client side itself rather than validating it on the server side. It can reduce the network traffic, but it will delay the program start-up a bit.
When a person logs into the system, the server will retrieve the role corresponding to the user and the functions that can be triggered. So the only burden on the server side is to retrieve all such function details based on the login ID and pass them back to the client at the time of logging in. In addition to that, we need an additional module to maintain the roles and the functions associated with them.
On the client side, assuming that it is a GUI, we can disable/enable the functionalities based on the result obtained from the Client.
Have a thought about it.
If this is not what you meant, please let me know.