On 06/10/2011 01:21 PM, Jaikiran Pai wrote:
On Friday 10 June 2011 09:23 PM, Darran Lofthouse wrote:
> On 06/10/2011 04:49 PM, Anil Saldhana wrote:
>> On 06/10/2011 10:46 AM, Darran Lofthouse wrote:
>>> On 06/10/2011 04:43 PM, Anil Saldhana wrote:
>>>> We have not discarded that LM.
>>> But is it expected to be supported?
>>>
>>> The org.jboss.security.annotation.SecurityDomain annotation has also
>>> not
>>> been discarded even though there is an EJB3 specific SecurityDomain
>>> annotation ;-)
>>>
>> The EJB3 Security Domain annotation should be discarded for AS7 and
>> they need to use the one coming from PicketBox.
>
> Carlo / Jaikiran - are you Ok with the Picketbox @SecurityDomain
> annotation?
I don't think that's a good idea. We've already had one round of such
changes from JBoss AS4 to JBoss AS5 where we changed the package names
of those annotations from org.jboss.annotation.* to
org.jboss.ejb3.annotation and users still keep running into problems
with that.
Also, I don't see why EJB3 needs to depend on that PicketBox annotation
for managing security. Why not continue using the EJB3 @SecurityDomain
and we internally pass on the relevant information to the PicketBox
project for security management. Or are you saying that PicketBox is
going to scan EJB3 classes for those PicketBox specific annotations?
Agreed. EJB security is an EJB concern; PicketBox may be the
implementation but it is not appropriate to change these annotations
because of it.
On the contrary we should continue to support org.jboss.ejb3.annotation
- and maybe even org.jboss.ejb.annotation, to be honest. There is no
compelling reason to change this now.
--
- DML