[seam-dev] Seam Security security.drl
Ales Justin
ales.justin at gmail.com
Wed Jul 20 09:27:24 EDT 2011
Wrt to (4), see AS6 WARStructure class and its
/** Whether to include web-inf in the classpath */
private boolean includeWebInfInClasspath;
and
<bean name="WARStructure" class="org.jboss.web.deployers.WARStructure">
<property name="webInfLibFilter">
<!-- We accept all .jar files in WEB-INF/lib -->
<bean name="WebInfLibFilter" class="org.jboss.vfs.util.SuffixMatchFilter">
<constructor><parameter class="java.lang.String">.jar</parameter></constructor>
</bean>
</property>
<property name="includeWebInfInClasspath">true</property> <---------- HERE
;-)
-Ales
> Hi all,
>
> looking at https://issues.jboss.org/browse/SEAMSECURITY-81, I am not
> sure, what is the intended location of the security.drl file?
>
> The examples have it in WEB-INF/security.drl, but that doesn't work
> except on AS6.
>
> The SecurityRuleProducer injects the file using:
>
>> @Inject
>> @org.jboss.seam.solder.resourceLoader.Resource("security.drl")
>> InputStream securityRules;
>
> So I am not sure which of these are true statements:
>
> 1. Seam Security examples are wrong, the file should be moved to servlet
> context root
> 2. Seam Security impl is wrong, it should @Inject it from
> "WEB-INF/security.drl"
> 3. Seam Solder on AS7/Glassfish is wrong, it should pick up the file
> WEB-INF/security.drl using just the @Resource("security.drl") on these
> platforms
> 4. Seam Solder on AS6 is wrong, it should not pick up the file
> WEB-INF/security.drl using just the @Resource("security.drl") on AS6.
More information about the seam-dev
mailing list