https://connect.hyland.com/t5/alfresco-archive/code-level-security-control-for-application-integration/m-p/35586#M18699 <HTML><HEAD></HEAD><BODY><SPAN>I have been playing around Alfresco 1.0 about 3 weeks, it's pretty cool design! I am little bit concern about the code level security, and it’s crucial for application integration. The code level security can only apply to the proxyed services, and there is no way to prevent third parties which deployed in the same JVM from messing up by accessing or instantiation the target service, or bypass all the security check which applied by Spring Framework.</SPAN></BODY></HTML> Wed, 30 Nov 2005 19:07:33 GMT arthur_li 2005-11-30T19:07:33Z https://connect.hyland.com/t5/alfresco-archive/code-level-security-control-for-application-integration/m-p/35586#M18699 I have been playing around Alfresco 1.0 about 3 weeks, it's pretty cool design! I am little bit concern about the code level security, and it’s crucial for application integration. The code level security can only apply to the proxyed services, and there is no way to prevent third parties whi Wed, 30 Nov 2005 19:07:33 GMT https://connect.hyland.com/t5/alfresco-archive/code-level-security-control-for-application-integration/m-p/35586#M18699 arthur_li 2005-11-30T19:07:33Z https://connect.hyland.com/t5/alfresco-archive/code-level-security-control-for-application-integration/m-p/35587#M18700 <HTML><HEAD></HEAD><BODY><SPAN>I think it depends on how the application is deployed.&nbsp; The deployed environment should not allow arbitrary addition of code to the JVM.&nbsp; Also, any public API's (i.e. remote) should be backed by the secure beans.</SPAN><BR /><BR /><SPAN>With source code available for all of the stack, then you're right, someone can build a tool that goes in at any level.</SPAN></BODY></HTML> Thu, 01 Dec 2005 11:51:48 GMT https://connect.hyland.com/t5/alfresco-archive/code-level-security-control-for-application-integration/m-p/35587#M18700 davidc 2005-12-01T11:51:48Z https://connect.hyland.com/t5/alfresco-archive/code-level-security-control-for-application-integration/m-p/35588#M18701 <HTML><HEAD></HEAD><BODY><SPAN>I was just wondering what security framework is used in Alfresco?&nbsp; Is it Acegi Security framework?&nbsp; If so, can you please describe your experience in using Acegi Security framework.</SPAN><BR /><BR /><SPAN>Thanks in advance,</SPAN><BR /><BR /><SPAN>Hien</SPAN></BODY></HTML> Fri, 30 Dec 2005 00:06:39 GMT https://connect.hyland.com/t5/alfresco-archive/code-level-security-control-for-application-integration/m-p/35588#M18701 hluu 2005-12-30T00:06:39Z