- Status: Design/Prototyping
- Updated: 2008-01-24
Roswell Secure Content Repository
The Roswell Secure Content Repository is a JSR-283 compatible content repository with high security features including:
- Descretionary access control
- Mandatory access control
- Encrypted content store
- Pluggable subsystems
- Internal Password indirection (for keystore passwords)
Progress Report
It's been six months since my last update, and I've released a subproject library called LWC which will provide the loading and configuration mechanism for the repository. In addition, I've started prototyping the base RepositoryEngine and testing the loading process along with stubbing out the various subsystems.
Update: Testing is complete on the loading process, and I'm now working on the different layers of functionality.
The subsystems are so far:
- Namespace Registry
- Trust Manager
- Content Manager
- Access Control Manager
- Workspace Manager
I'm not sure yet if the Access Controller and Indexer should be the same module or separate entities. Currently, I'm prototyping them as separate subsystems.
Update: The prototype indexer, now workspace provider, is running in my development environment. Since the JCR API treats permissions as a configurable, hierarchical, and inheritable model, I've separated out the enforcement of the permissions from the index code itself. It may, however, still end up inside the Workspace Manager code. (Workspace Manager supports multiple workspace providers.)
The Motto - Secrecy and Open Source
Topics for Discussion
What follows will eventually be links to blog-ish articles covering important elements of the design.
- Automation and Password Security - the chinese box problem
- Provider model vs. OSGi / Ioc (or Light Weight Container)
- Authentication models - avoiding authentication with trust relationships