This is a design question for my GSOC 2011 project, enhancing geoserver security.
I have to main interfaces, GeoserverUserGroupService and GeoserverGrantedAuthorityService for managing user/groups and role assignments.
I developed some implementations (in memory, xml and jdbc) which will be shipped with geoserver. Additionally, I want to offer the possibility to develop custom implementations and a mechanism to plug them in.
My idea is similar to the java protocol handlers as described here
http://download.oracle.com/javase/1.4.2/docs/api/java/net/URL.html
using a system property called java.protocol.handler.pkgs.
Description of this concept adapted to geoserver security:
1) Introduce a system property named
org.geoserver.security.pkgs
2) The value of the property is a list of package names delimited by "|"
3) The last component of the package name is the name for the customized implementation.
Example:
-Dorg.geoserver.security.pkgs=org.mycompany.security.test1 | org.mycompany.security.test2
At runtime, I will look into these two packages for classes named
GeoserverUserGroupServiceImpl or GeoserverGrantedAuthorityServiceImpl. If the classes are there (or at least one of them), I will check if the classes implement the interfaces mentioned above. On success, the runtime registers the new implementations (singletons) using test1 and test2 as names.
Opinions, better ideas ?
Cheers
Christian
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.