[teiid-commits] teiid SVN: r2437 - in trunk: client/src/main/resources and 2 other directories.
teiid-commits at lists.jboss.org
teiid-commits at lists.jboss.org
Wed Aug 11 11:42:12 EDT 2010
Author: shawkins
Date: 2010-08-11 11:42:11 -0400 (Wed, 11 Aug 2010)
New Revision: 2437
Modified:
trunk/build/kits/jboss-container/deploy/teiid/teiid-jboss-beans.xml
trunk/client/src/main/resources/vdb-deployer.xsd
trunk/documentation/reference/src/main/docbook/en-US/content/architecture.xml
trunk/documentation/reference/src/main/docbook/en-US/content/entitlements.xml
trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPConfiguration.java
trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPCore.java
Log:
TEIID-1199 update to security naming. this is not a deep refactoring - it only changes what is exposed.
Modified: trunk/build/kits/jboss-container/deploy/teiid/teiid-jboss-beans.xml
===================================================================
--- trunk/build/kits/jboss-container/deploy/teiid/teiid-jboss-beans.xml 2010-08-11 03:42:11 UTC (rev 2436)
+++ trunk/build/kits/jboss-container/deploy/teiid/teiid-jboss-beans.xml 2010-08-11 15:42:11 UTC (rev 2437)
@@ -87,8 +87,8 @@
<property name="lobChunkSizeInKB">100</property>
<!-- The maximum number of query plans that are cached. Note: this is a memory based cache. (default 250) -->
<property name="preparedPlanCacheMaxCount">250</property>
- <!-- Turn on checking the entitlements on resources based on the roles defined in VDB -->
- <property name="useEntitlements" class="java.lang.Boolean">false</property>
+ <!-- Turn on role checking on resources based on the roles defined in VDB -->
+ <property name="useDataRoles" class="java.lang.Boolean">false</property>
<!-- Long running query threshold, after which a alert can be generated by tooling if configured-->
<property name="queryThresholdInSecs">600</property>
<!-- Maximum rows allowed from a source query. -1 indicates no limit. (default -1)-->
Modified: trunk/client/src/main/resources/vdb-deployer.xsd
===================================================================
--- trunk/client/src/main/resources/vdb-deployer.xsd 2010-08-11 03:42:11 UTC (rev 2436)
+++ trunk/client/src/main/resources/vdb-deployer.xsd 2010-08-11 15:42:11 UTC (rev 2437)
@@ -73,12 +73,12 @@
<xs:attribute name="type" type="xs:string" use="required"/>
</xs:complexType>
</xs:element>
- <xs:element name="data-policy" minOccurs="0" maxOccurs="unbounded">
+ <xs:element name="data-role" minOccurs="0" maxOccurs="unbounded">
<xs:annotation>
- <xs:documentation>This defines a security policy on the Schema. The "resource-name" element defines fully qualified
- name for a Table, procedure etc. The "allows-*" elements define the security access. The "mapped-role-name" defines
- the "role" name that user must have before they have access to this data. The "role" name matches to the
- JAAS based role that user has.</xs:documentation>
+ <xs:documentation>This defines a data role. The "resource-name" element defines fully qualified
+ name for a Schema, Table, Procedure, etc. The "allows-*" elements define the security access, which are applied to the resource
+ and all child resources. The "mapped-role-name" defines the "role" name that user must have before they have access to this data.
+ The "role" name matches to the JAAS based role that user has.</xs:documentation>
</xs:annotation>
<xs:complexType>
Modified: trunk/documentation/reference/src/main/docbook/en-US/content/architecture.xml
===================================================================
--- trunk/documentation/reference/src/main/docbook/en-US/content/architecture.xml 2010-08-11 03:42:11 UTC (rev 2436)
+++ trunk/documentation/reference/src/main/docbook/en-US/content/architecture.xml 2010-08-11 15:42:11 UTC (rev 2437)
@@ -29,12 +29,6 @@
</para>
</listitem>
<listitem>
- <para>Authorization – the Authorization service
- manages user entitlements. Entitlements use is
- optional (as specified in the configuration) and off by
- default.</para>
- </listitem>
- <listitem>
<para>Buffer Manager – the <link linkend="buffer_management">Buffer Manager</link> service
provides access to data management for intermediate results.</para>
</listitem>
Modified: trunk/documentation/reference/src/main/docbook/en-US/content/entitlements.xml
===================================================================
--- trunk/documentation/reference/src/main/docbook/en-US/content/entitlements.xml 2010-08-11 03:42:11 UTC (rev 2436)
+++ trunk/documentation/reference/src/main/docbook/en-US/content/entitlements.xml 2010-08-11 15:42:11 UTC (rev 2437)
@@ -8,7 +8,7 @@
<para>Data roles, also called entitlements, are sets of permissions that are defined
per VDB that dictate data access (create, read, update, delete). The use of data roles is controlled system wide with the property in
<code><jboss-install>/server/<profile>/deploy/teiid/teiid-jboss-beans.xml</code> file
- in bean configuration section of <code>RuntimeEngineDeployer</code> with property <code>useEntitlements</code>.</para>
+ in bean configuration section of <code>RuntimeEngineDeployer</code> with property <code>useDataRoles</code>.</para>
<para>Once data roles are enabled, the access permissions defined in a VDB will be enforced by the Teiid Server.
</para>
Modified: trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPConfiguration.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPConfiguration.java 2010-08-11 03:42:11 UTC (rev 2436)
+++ trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPConfiguration.java 2010-08-11 15:42:11 UTC (rev 2437)
@@ -44,7 +44,7 @@
private int maxRowsFetchSize = DEFAULT_FETCH_SIZE;
private int lobChunkSizeInKB = 100;
private int preparedPlanCacheMaxCount = SessionAwareCache.DEFAULT_MAX_SIZE_TOTAL;
- private boolean useEntitlements = false;
+ private boolean useDataRoles = false;
private int queryThresholdInSecs = DEFAULT_QUERY_THRESHOLD;
private boolean exceptionOnMaxSourceRows = true;
private int maxSourceRows = -1;
@@ -124,16 +124,16 @@
}
/**
- * Determine whether entitlements checking is enabled on the server.
- * @return <code>true</code> if server-side entitlements checking is enabled.
+ * Determine whether role checking is enabled on the server.
+ * @return <code>true</code> if server-side role checking is enabled.
*/
- @ManagementProperty(description="Turn on checking the entitlements on resources based on the roles defined in VDB")
- public boolean useEntitlements() {
- return useEntitlements;
+ @ManagementProperty(description="Turn on role checking on resources based on the roles defined in VDB")
+ public boolean useDataRoles() {
+ return useDataRoles;
}
- public void setUseEntitlements(Boolean useEntitlements) {
- this.useEntitlements = useEntitlements.booleanValue();
+ public void setUseDataRoles(Boolean useEntitlements) {
+ this.useDataRoles = useEntitlements.booleanValue();
}
@ManagementProperty(description="Long running query threshold, after which a alert can be generated by tooling if configured")
Modified: trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPCore.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPCore.java 2010-08-11 03:42:11 UTC (rev 2436)
+++ trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPCore.java 2010-08-11 15:42:11 UTC (rev 2437)
@@ -624,7 +624,7 @@
public void start(DQPConfiguration config) {
this.processorTimeslice = config.getTimeSliceInMilli();
this.maxFetchSize = config.getMaxRowsFetchSize();
- this.useEntitlements = config.useEntitlements();
+ this.useEntitlements = config.useDataRoles();
this.queryThreshold = config.getQueryThresholdInSecs();
this.maxSourceRows = config.getMaxSourceRows();
this.exceptionOnMaxSourceRows = config.isExceptionOnMaxSourceRows();
More information about the teiid-commits
mailing list