OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] SOAP-RPC and REST and security

[ Lists Home | Date Index | Thread Index ]

On Wednesday 20 February 2002 04:33 pm, Michael Brennan wrote:
> > I talked to an EJB expert about REST. We were talking about
> > security models. I described how REST has a natural ACL or
> > capabilities model. What's the natural model of RMI (which is
> > basically OO RPC with class distribution)?

An RPC {host,method) pair is roughly akin to a capability...  in fact 
in one of our products we use this id to protect method calls over RMI.

That said, both the above and REST are flawed as a capability-based 
system because of the arbitrary discoverability holes.


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS