xml-xindice-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Murray Altheim <m.alth...@open.ac.uk>
Subject Re: access control in xindice
Date Wed, 11 Feb 2004 15:34:59 GMT
Honglin Ye wrote:
> xml-security is a too-big topic. I am thinking how to prevent un-wanted
> query. As it stands now, Any one who knows the hostName and portNumber
> can query/update documents inside, by using either a commandline tool or
> a slightly modified java-api. (assume that he is inside the firewall, or
> he is outside firewall but the port used is open)

But you can do that in your application, not in Xindice. There's
no need to pollute Xindice's code base with every single need there
is out there. There's about ten ways to handle this before you ever
need to modify things at the database layer.


Murray Altheim                    http://kmi.open.ac.uk/people/murray/
Knowledge Media Institute
The Open University, Milton Keynes, Bucks, MK7 6AA, UK               .

  "I'm a war president. I make decisions here in the Oval Office
   in foreign policy matters with war on my mind." -- George W. Bush

  "This is the new Mein Kampf. Only Hitler did not have nuclear
   weapons. It's the scariest document I've ever read in my life."
         -- Dr. Helen Caldicott, referring to the Project for the
   New American Century report entitled "Rebuilding America's
   Defenses: Strategy, Forces and Resources For a New Century"

     "This report proceeds from the belief that America should seek
      to preserve and extend its position of global leadership by
      maintaining the preeminence of U.S. military forces." [op. cit.]

     "[...] and advanced forms of biological warfare that can target
      specific genotypes may transform biological warfare from the
      realm of terror to a politically useful tool." [op. cit.]

  "This is a blueprint for US world domination."

View raw message