On Thu, Jul 21, 2011 at 04:51, Pete Muir <span dir="ltr"><<a href="mailto:pmuir@redhat.com">pmuir@redhat.com</a>></span> wrote:<br><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im"><br>
On 20 Jul 2011, at 12:46, Marek Schmidt wrote:<br>
<br>
> Hi all,<br>
><br>
> looking at <a href="https://issues.jboss.org/browse/SEAMSECURITY-81" target="_blank">https://issues.jboss.org/browse/SEAMSECURITY-81</a>, I am not<br>
> sure, what is the intended location of the security.drl file?<br>
><br>
> The examples have it in WEB-INF/security.drl, but that doesn't work<br>
> except on AS6.<br>
><br>
> The SecurityRuleProducer injects the file using:<br>
><br>
>> @Inject<br>
>> @org.jboss.seam.solder.resourceLoader.Resource("security.drl")<br>
>> InputStream securityRules;<br>
><br>
> So I am not sure which of these are true statements:<br>
><br>
> 1. Seam Security examples are wrong, the file should be moved to servlet<br>
> context root<br>
> 2. Seam Security impl is wrong, it should @Inject it from<br>
> "WEB-INF/security.drl"<br>
> 3. Seam Solder on AS7/Glassfish is wrong, it should pick up the file<br>
> WEB-INF/security.drl using just the @Resource("security.drl") on these<br>
> platforms<br>
> 4. Seam Solder on AS6 is wrong, it should not pick up the file<br>
> WEB-INF/security.drl using just the @Resource("security.drl") on AS6.<br>
<br>
</div>(3) and (4) are out, @Resource just uses the underlying web container and classloader to load resources. </blockquote><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<br>
Either (1) or (2) is correct.<br></blockquote><div><br></div><div>I don't think we want #1. That puts the file in the public web directory. How about:</div><div><br></div><div>1b: the file should be moved to the classpath (WEB-INF/classes) so it can be injected with @Resource("security.drl")</div>
<div>2. Seam Security should inject from WEB-INF/security.drl</div><div><br></div><div>I think Seam Security should accommodate both 1b and 2. And thus, no change to the example.</div><div><br></div><div>-Dan</div><div><br>
</div></div>-- <br><div>Dan Allen</div>Principal Software Engineer, Red Hat | Author of Seam in Action<br>Registered Linux User #231597<br><br><div><a href="http://www.google.com/profiles/dan.j.allen#about" target="_blank">http://www.google.com/profiles/dan.j.allen#about</a><br>
<a href="http://mojavelinux.com" target="_blank">http://mojavelinux.com</a><br><a href="http://mojavelinux.com/seaminaction" target="_blank">http://mojavelinux.com/seaminaction</a><br></div><br>