Would be cool to see a very small writeup (even just an example
web.xml/jboss-web.xml) that shows:
a) What we *have* to support because of Java EE 6.
b) What we *actually* want users to use.
Having feature checkmarks is great, but these security interfaces really
need a facelift. It still doesn't seem like a lot of effort is being
put into the usability of both consuming a security plugin and writing one.
On 10/18/11 10:09 AM, Anil Saldhana wrote:
Marcus,
this is in regard to your proposed changes to JBossWebRealm for the
authorization bits.
https://github.com/mmoyses/jboss-as/commit/ba3c43f8dfc9c201098392c5ebf904...
Previously, AS5/6, we had the JBoss Authorization enabled by default.
IMO for AS7, you have taken the right approach to allow user to
configure whether to use JBoss Authz via jboss-web.xml setting.
We need to get this merged asap such that I can finish the auditing task
I am currently working on.
Regards,
Anil
_______________________________________________
jboss-as7-dev mailing list
jboss-as7-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com