3

Is there a way in Eclipse ecosystem to manage access permissions to resources?

I need something like Linux filesystem permissions to allow/deny access to data in my Eclipse RCP application. I.e.:

  • User and group management

  • Login management

  • Read-write permission management for my resources (i. e. for my db records)

  • EMF based (it's not mandatory but very useful)

I can develop all from scratch but I think it's a common need, so I suppose there is also something done.

Or am I wrong?

Thanks.

Edit: Subject fixed. Sorry

Marco Carnazzo
  • 782
  • 2
  • 6
  • 25
  • I am not sure I understand what role EMF is supposed to play here. Do you want to control access on EMF resources, or do you want to define your security model with EMF? Also I am not sure what kind of protection you need for your db records. Is there a server part in your application, or do you need client-side encryption? – Max Hohenegger Dec 31 '12 at 18:24
  • Both :) I want to filter EMF resources AND I wish define my security model with EMF. In the future maybe I will have a server part. No need of client-side encryption. – Marco Carnazzo Jan 03 '13 at 08:19

1 Answers1

0

I am not aware of a one-size-fits-all solution for authorization, authentication, and data security in Eclipse, but there are various way you can build your own.

There is a lengthy discussion about the different ways to implement role based access control for UI Elements with Eclipse RCP in the Eclipse Bugzilla. This article is one example for how you can use Eclipse extension points to handle authorization.

What's the best way for authentication with a login dialog depends on your Eclipse Version. Here is a sophisticated way to build styled login dialogs in Eclipse e4.

Max Hohenegger
  • 1,609
  • 15
  • 19
  • Thank you for your reply. It almost covers my question. It's missing only a part: a data filter. For example, I want that Managers see/edit only employees of their team. – Marco Carnazzo Jan 03 '13 at 08:10
  • If I understand you correctly, you want to filter the results of getters you call on EMF objects. I can see how that would be useful. If your model returns an EList (i.e. the list of team members) you could filter it by overriding the getter. By observing that EList, you could then propagate changes to it, back to the actual model. However, you would still need to check authorization for the UI, in order to enable/disable controls. This means almost twice the work for the same result, and without encryption it would still not be very secure. – Max Hohenegger Jan 06 '13 at 15:24