Hi Anil,
thanks for this explanations.
Unfortunately, the available permissions are distributed in different source files, so it is difficult to get a list of all possible permissions.
I checked out jboss-as, picketbox and other sources and find them via grep - but is there no way to define the available permissions in one place ?
We try to play with a strong security concept - in my view, however, it makes no sense to to give everything java.security.AllPermission.