security questions

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

security questions

Ross Boylan
Can anyone give me any pointers about how security works in pier?  In
particular, if I make my own components, how do I apply security to
them?

I've been browsing around and tracing the code and see that the security
descriptors end up as decorations which apply to objectified commands.
However, I don't know what I need to do to set the security of an object
or fiddle with the security policy.

Also, if someone comes in from the outside with a link like
http://my.host.com/seaside/pier/personalpreferences, is there a way I
can ensure that they will be prompted for login and then taken to a
preferences page for them?

Thanks.
Ross

_______________________________________________
Magritte, Pier and Related Tools ...
https://www.iam.unibe.ch/mailman/listinfo/smallwiki
Reply | Threaded
Open this post in threaded view
|

Re: security questions

Lukas Renggli
> Can anyone give me any pointers about how security works in pier?  In
> particular, if I make my own components, how do I apply security to
> them?

You can find some documentation in Section 3.5.3 in
http://scg.unibe.ch/archive/masters/Reng06a.pdf.

> I've been browsing around and tracing the code and see that the security
> descriptors end up as decorations which apply to objectified commands.
> However, I don't know what I need to do to set the security of an object
> or fiddle with the security policy.

You can only apply the security decorations to subclasses of
PRStructure (these are the objects that represent a unique URL or
entry point into your application), not to arbitrary objects (out of
the box, at least).

> Also, if someone comes in from the outside with a link like
> http://my.host.com/seaside/pier/personalpreferences, is there a way I
> can ensure that they will be prompted for login and then taken to a
> preferences page for them?

The PRForbiddenView is displayed (with a link to the login page). This
is currently hardcoded into the "Pier-Interpreter", but could probably
be moved to the structures so that they can decide to do something
else, if necessary.

Cheers,
Lukas

--
Lukas Renggli
http://www.lukas-renggli.ch

_______________________________________________
Magritte, Pier and Related Tools ...
https://www.iam.unibe.ch/mailman/listinfo/smallwiki
Reply | Threaded
Open this post in threaded view
|

Re: security questions

Ross Boylan
I have some questions, but let me put what I've discovered in here too,
for the record.  Also, you can correct me if I'm wrong!

On Wed, 2009-09-23 at 08:47 +0200, Lukas Renggli wrote:
> > Can anyone give me any pointers about how security works in pier?  In
> > particular, if I make my own components, how do I apply security to
> > them?
>
> You can find some documentation in Section 3.5.3 in
> http://scg.unibe.ch/archive/masters/Reng06a.pdf.
Very useful.
>
> > I've been browsing around and tracing the code and see that the security
> > descriptors end up as decorations which apply to objectified commands.
> > However, I don't know what I need to do to set the security of an object
> > or fiddle with the security policy.
A little more tracing reveals that when children are added to a
structure all concrete decoration classes are given a chance to do
something to the child.  The security decorator copies from the parent,
which in turn triggers the creation of a security descriptor, using the
current context for user and group, on the page.

I also learned that the children of a PRStructure are kept in a child
decorator; that was not what I would have guessed.
>
> You can only apply the security decorations to subclasses of
> PRStructure (these are the objects that represent a unique URL or
> entry point into your application), not to arbitrary objects (out of
> the box, at least).

I'm thinking of having a page with a central area that gets swapped
according to what the user is doing; the other material on the page
would stay.  Does that mean there's really only one security decoration
that is relevant?  Or does it mean the children are individually
addressable (e.g., elements of a list)?

Also, I wonder if I need any security other than ensuring someone is
logged in.  A user will only be presented links to stuff that is
relevant (and allowed) for them.  Does adding security to the objects
add any additional security (e.g., perhaps against attempts to
manipulate the URL)?

Finally, in case I do need security, is the ACL based framework still
around?  It's probably more appropriate for the scenarios I have in
mind.

>
> > Also, if someone comes in from the outside with a link like
> > http://my.host.com/seaside/pier/personalpreferences, is there a way I
> > can ensure that they will be prompted for login and then taken to a
> > preferences page for them?
>
> The PRForbiddenView is displayed (with a link to the login page). This
> is currently hardcoded into the "Pier-Interpreter", but could probably
> be moved to the structures so that they can decide to do something
> else, if necessary.

Once they login, are they taken to the page they were trying to reach
originally?


Thanks.
Ross


_______________________________________________
Magritte, Pier and Related Tools ...
https://www.iam.unibe.ch/mailman/listinfo/smallwiki
Reply | Threaded
Open this post in threaded view
|

Re: security questions

Lukas Renggli
> A little more tracing reveals that when children are added to a
> structure all concrete decoration classes are given a chance to do
> something to the child.  The security decorator copies from the parent,
> which in turn triggers the creation of a security descriptor, using the
> current context for user and group, on the page.

Correct.

> I also learned that the children of a PRStructure are kept in a child
> decorator; that was not what I would have guessed.

Yes, this separates all the "children" behavior into a separate object
and allows all structures to have children or not. This was one of the
major annoyances in SmallWiki the predecessor of Pier, where children
were only allowed in folder.

>> You can only apply the security decorations to subclasses of
>> PRStructure (these are the objects that represent a unique URL or
>> entry point into your application), not to arbitrary objects (out of
>> the box, at least).
>
> I'm thinking of having a page with a central area that gets swapped
> according to what the user is doing; the other material on the page
> would stay.  Does that mean there's really only one security decoration
> that is relevant?  Or does it mean the children are individually
> addressable (e.g., elements of a list)?

If you have a page that embeds some of its child-pages using the
+child1+ syntax, chilld1 is only embedded if the user has view
permission on child1 as well. So yeah, sometimes multiple permissions
from different places come into play.

> Also, I wonder if I need any security other than ensuring someone is
> logged in.  A user will only be presented links to stuff that is
> relevant (and allowed) for them.  Does adding security to the objects
> add any additional security (e.g., perhaps against attempts to
> manipulate the URL)?

Again, you cannot add security to arbitrary objects, just to
structures that map to particular URLs.

For example for this software engineering course <http://ese.unibe.ch>
there are pages that only the assistants can see and edit (for the
organization of the course), there are pages that only specific groups
of students can edit (for the student teams), there are personal pages
that you can only see when logged in and only a particular student can
edit (for the personal pages), there are pages that all students can
see and edit (for feedback), etc.

> Finally, in case I do need security, is the ACL based framework still
> around?  It's probably more appropriate for the scenarios I have in
> mind.

The ACL based framework is more powerful, indeed. I don't think it was
used recently and would probably need some updates to work in the
latest version of Pier.

Lukas

--
Lukas Renggli
http://www.lukas-renggli.ch

_______________________________________________
Magritte, Pier and Related Tools ...
https://www.iam.unibe.ch/mailman/listinfo/smallwiki