An adminstrator should be able to specify or override an application specific security domain setting. If needed, it could be a domain property to ignore security domain settings from applications, but it certainly is an ease of use feature to allow them.
Can we have a properties element in the security domain schema that can allow for the properties files information to be provided?
We should also support property value obfuscation based on some domain server key in general for properties. Is that a notion we have in the domain model?