The Artima Developer Community
Sponsored Link

Security Constraints
A Conversation with Bob Scheifler, Part IV
by Bill Venners
July 29, 2002

<<  Page 5 of 7  >>


Context Constraints

Bob Scheifler: There's a third category of client constraints called context constraints. Say I am about to call into a method that I know is going to make a bunch of remote calls on multiple proxies. I don't really want to mess around with the individual proxies. I just want confidentially for everything that is going to go on inside there. I can set up thread context constraints. I say, "For the duration of executing this whole body of code, any remote calls that it makes, please apply these context constraints."

At the time we make a call on a secure proxy for a server, what the proxy is obliged to do is to figure out what the server's constraints for that method are, figure out what the client's constraints for that method are, and figure out what the context constraints are. We must union all three sets of requirements together, and union all three sets of preferences together. We must then make sure the remote call obeys the union of the requirements and obeys the preferences as best it can. The proxy is obliged to do this. It is part of the contract of implementing the RemoteSecurity interface that all the remote calls made through the proxy will do this process of unioning all the constraints and making sure that the remote call enforces all the requirements.

<<  Page 5 of 7  >>

Copyright © 1996-2018 Artima, Inc. All Rights Reserved. - Privacy Policy - Terms of Use