My Photo

August 2007

Sun Mon Tue Wed Thu Fri Sat
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31  

« JBoss: Implementing Middleware Using AOP | Main | Toplink Persistence Aspects »

March 21, 2005

Comments

James

Building auditing components directly into an application as suggested is a bad idea. Code is not portable and left to indivdiual developers who have the ability to remove whereas those in corporate security roles need something that developers cannot tamper with.

http://blogs.ittoolbox.com/eai/leadership/

Ron Bodkin

I think you missed the point of this product, James. It implements auditing completely separately from the application, and is deployed at load time. In no way is it coded or built in to the application.

The NearInfinity code is portable and has been used on multiple applications. You can also read more about what NearInfinity is doing from their slides at https://www.aosd.net/2005/industry/report2.php and soon their written report...

The comments to this entry are closed.