Part III. Implementation Details

Table of Contents

20. Exploring The Veil2 Demos

20.1. The veil2_demo Extension

20.2. The veil2_minimal_demo Extension

21. The Veil2 Implementation: What You Need To Know

21.1. User Customizations

21.2. Authentication

21.3. Privileges

21.4. Roles

21.5. Authentication Contexts

21.6. Role Assignment and Contexts

21.7. Session Contexts

21.8. Role Mappings and Mapping Contexts

22. For Developers

22.1. Performing Local Builds

22.2. Running Unit Tests

22.3. The Documentation Build

22.4. Releases

23. How Veil2 Relates to the Original Veil

23.1. What is Veil?

23.2. Where Did Veil2 Come From?

24. Tips and Guidelines

24.1. Write Queries That Work Without Veil2

24.2. Consider Reporting Blocked Accesses

24.3. Consider Testing With and Without Security

24.4. Denormalize Around Your Scopes

24.5. Use Secured Views To Implement Complex Queries

24.6. Avoid Drop...Cascade

25. Performance

25.1. Data For Evaluating Performance

25.2. Session Management Overhead

25.3. Privilege Testing Overhead

25.4. In Conclusion

26. Security

26.1. Fundamental Security Weaknesses

26.2. So, What Is It Good For?

26.3. Compromised Application Server, Really?

27. Contact Links

27.1. Reporting Bugs

27.2. Contributing

27.3. IRC

27.4. Email

27.5. Availability