[jboss-as7-dev] security/web sucks, what can we change?
Remy Maucherat
rmaucher at redhat.com
Fri Jun 17 12:13:05 EDT 2011
On Fri, 2011-06-17 at 12:07 -0400, Bill Burke wrote:
> Ah, you mean write a deployer, listen for JbossWebMetaData, and add what
> you need to JbossWebMetaData? Won't JBossWeb see the
> "JBOSS-SECURITY-DOMAIN" auth-method and barf?
If there's a valve that is an Authenticator that is already present, it
won't try to configure an authenticator valve itself.
> I'm interested in tighter integration with AS7 to make it as simple as
> possible to configure and administrate security. We need hooks to write
> plugins that can be installed to the app server as a whole. That allow
> us to define features that users can use without a lot of (or any)
> configuration. If Servlet 3 is adequate abstraction, then so be it, but
> I thought it was a WAR deployment option?
I was talking about the login(username, password) and logout methods
that got added in Servlet 3.
--
Remy Maucherat <rmaucher at redhat.com>
Red Hat Inc
More information about the jboss-as7-dev
mailing list