[cool_harbor] Class Guard will be deprecated in next release
- From: "Johnny Kewl" <john@xxxxxxxxxxxxxxx>
- To: <cool_harbor@xxxxxxxxxxxxx>
- Date: Sat, 20 Oct 2007 10:18:35 +0200
The security system is currently tied to Tomcats security...
This will be deprecated (removed) in the next release because Harbor will now
have its own security system.
There are several reasons for this....
+ The system currently maps URI's to Class protection...
On small systems this is OK but on large systems with hundreds of classes its
proving to be too much work. The new scheme is much much easier.
+ Remove the dependency on Tomcat..
This old security system is the only thing that really ties Harbor to Tomcat...
once its gone, Harbor will port to any servlet container very easily.
+ Just not good enough..
Things like setting up secure comms is a mission with TC.... the new system
reduces all that to one line of code, and is independent of TC
Passwords in TC are stored in the open.... this will now be random IV digests
making it very secure.
The conceptual model that Verisign works on is not good enough for what we have
in mind... on the new system, you can become a Verisign... will be explained in
the release.
====================
If you building an app right now, omit security considerations for now... the
new system will let you do it 10 minutes what would take a very long time the
old TC way.
====================
Enjoy the Rugby... go Bokke!
---------------------------------------------------------------------------
HARBOR: http://coolharbor.100free.com/index.htm
Now Tomcat is also a cool application server
---------------------------------------------------------------------------
Other related posts:
- » [cool_harbor] Class Guard will be deprecated in next release
